ba59e48ef27193369bbc939ef49e2520_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba59e48ef27193369bbc939ef49e2520_JaffaCakes118
Size

191KB
MD5

ba59e48ef27193369bbc939ef49e2520
SHA1

e97cab476cdb6f0633824710aedd99b684710113
SHA256

162dd48a571f0bee42ac8fa1461ac1fc948f0ce8a0122003171d58141c8955cc
SHA512

f76ebbcc8ebc5d31dff0ffb23790161a8b72b9af49d67497d0a175ad694f06a56d075d31f3d771514aca688edc5b8d00e78be66a70fc4f98381f22e6d6b17df6
SSDEEP

3072:t13/3MwvJXGGm//LSkqVxxUR5kP7OHko/g/+JuUvJLy4WtROaPP5IferWU46Op:f3MxL0nNP7Kkd/+ZtOOaPBIIWU4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba59e48ef27193369bbc939ef49e2520_JaffaCakes118

Files

ba59e48ef27193369bbc939ef49e2520_JaffaCakes118
.exe windows:4 windows x86 arch:x86

712f2bd7e8ba3066ab6d661e9f873586

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StretchDIBits
GetCurrentObject
SetDIBitsToDevice
CreateRectRgn
CreateDIBSection
SetDIBColorTable
DeleteObject
CombineRgn
SetStretchBltMode
BitBlt
GetStockObject
DeleteDC
CreateCompatibleDC
FillRgn
GetObjectA
SelectObject
StretchBlt

kernel32

CloseHandle
QueryDosDeviceW
UnmapViewOfFile
WriteFile
SetFilePointer
CreateFileA
GetProcessId
ReadFile
LocalAlloc
MapViewOfFile
DisableThreadLibraryCalls
GlobalAlloc
GlobalSize
EnumResourceTypesA
lstrlenA
Sleep
ExitProcess
GetFileSize
ProcessIdToSessionId
LocalFree
CreateFileMappingA
GlobalFree

user32

BeginPaint
GetWindowRect
InvalidateRect
SetWindowTextA
SendMessageA
MoveWindow
DestroyWindow
wvsprintfA
LoadIconA
GetFocus
ShowWindow
RegisterClassA
GetClassLongA
CreateWindowExA
GetWindowLongA
OffsetRect
LoadCursorA
CallWindowProcA
DispatchMessageA
PeekMessageA
GetClientRect
DefWindowProcA
MessageBoxA
ReleaseCapture
IsWindow
SubtractRect
GetKeyState
wsprintfA
EndPaint
SetWindowLongA
SetCursor
SetFocus
TranslateMessage
UpdateWindow
ScreenToClient
GetMessageA
SetCapture

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

avifil32

AVIStreamGetFrameOpen
AVIStreamWrite
AVIFileInit
AVIStreamInfoA
AVIStreamGetFrame
AVIFileOpenA
AVIFileCreateStreamA
AVIFileRelease
AVIFileGetStream
AVIStreamRelease
AVIStreamSetFormat
AVISaveOptions
AVIStreamGetFrameClose
AVIMakeCompressedStream

comctl32

CreateToolbarEx

msvfw32

ICOpen
ICDecompress
ICSendMessage
ICClose

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

712f2bd7e8ba3066ab6d661e9f873586

Headers

File Characteristics

Imports

gdi32

kernel32

user32

avicap32

avifil32

comctl32

msvfw32

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 78KB - Virtual size: 78KB

.tls Size: 1024B - Virtual size: 348KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 78KB - Virtual size: 78KB

.tls
Size: 1024B - Virtual size: 348KB