ba687d1dc8c846bd9fd2f52e971a4c28_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba687d1dc8c846bd9fd2f52e971a4c28_JaffaCakes118
Size

182KB
MD5

ba687d1dc8c846bd9fd2f52e971a4c28
SHA1

34ff3876d377e1c6ed592ddb057417bd8d4a2448
SHA256

019a7d73db686d19e6460742826f2de4b022d26132dfa7f6ae90fbde629c9d55
SHA512

1062725d72ce3bc72c9020c6be73e5655d4959f0cbdba17fe9613aeb19cd79865967921e5e9dce6a7b308e83e2a54e76f5de5ce7e5a2ad9a55a6c6b8e768cb40
SSDEEP

3072:Pva7Rm13wRjQk9vXo+cHq1T2GxIgwdtG5l3M/svza/ovQ1+LoY1RN1rLDf:P4Rm13ssk9vXtsq17IftG5l3Na/V1y13

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba687d1dc8c846bd9fd2f52e971a4c28_JaffaCakes118

Files

ba687d1dc8c846bd9fd2f52e971a4c28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed131af422ae3e72f4fa7a3fdd9c3565

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
ReplaceFileW
GetCurrentProcessId
GlobalReAlloc
EnterCriticalSection
InterlockedIncrement
FindClose
FindCloseChangeNotification
lstrlenW
DeleteCriticalSection
CreateEventW
FindFirstChangeNotificationW
GlobalUnlock
GetACP
InterlockedDecrement
MulDiv
LeaveCriticalSection
FreeLibrary
GetProcessId
CreateThread
GetLastError
GlobalLock
GetDriveTypeW
DisableThreadLibraryCalls
FindNextChangeNotification
Sleep
GetLocaleInfoA
EnumResourceTypesA
GetThreadLocale
FindFirstFileW
FileTimeToSystemTime
QueryPerformanceCounter
InitializeCriticalSection
SetEvent
ExitProcess
GetModuleFileNameA
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
GetTickCount
CloseHandle
GlobalAlloc
WaitForSingleObject
lstrlenA
GetVersionExW
GetProcAddress
GetCurrentThreadId
WideCharToMultiByte
GetFullPathNameW
GetModuleHandleW
lstrcpynW
MultiByteToWideChar
InterlockedExchange
GetVersionExA

ole32

OleUninitialize
CoCreateInstance
CoFreeUnusedLibraries
OleInitialize
StringFromGUID2
CoUninitialize
CoInitialize

avifil32

AVISaveOptions
AVIMakeCompressedStream

user32

IsRectEmpty
wsprintfW
GetCursorPos
ReleaseDC
GetActiveWindow
LoadCursorW
PtInRect
DefWindowProcW
SetRectEmpty
LoadImageW
DrawTextW
BringWindowToTop
FrameRect
FillRect
KillTimer
UpdateWindow
SetCapture
GetClientRect
IsWindowVisible
GetSysColor
IsWindow
SetRect
UnionRect
CopyRect
FindWindowExW
GetWindowLongW
ScreenToClient
SetFocus
EqualRect
OffsetRect
EnableWindow
InflateRect
SetTimer
GetDesktopWindow
TrackPopupMenuEx
GetSysColorBrush
IntersectRect
PostMessageW
GetParent
SetWindowLongW
GetDC
CreatePopupMenu
DestroyMenu
GetWindowRect
GetSystemMetrics
ReleaseCapture
SetCursor
ClientToScreen
DrawFocusRect
SendMessageW
SetForegroundWindow
ShowScrollBar
InvalidateRect

advapi32

RegSetValueExW
RegCloseKey
RegSetValueW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyW
RegDeleteKeyW

shell32

DragQueryFileW
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed131af422ae3e72f4fa7a3fdd9c3565

Headers

File Characteristics

Imports

kernel32

ole32

avifil32

user32

advapi32

shell32

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 70KB - Virtual size: 70KB

.tls Size: 1024B - Virtual size: 124KB

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 70KB - Virtual size: 70KB

.tls
Size: 1024B - Virtual size: 124KB