c7e4cd7a0a5d945f6c5695ff0afedb0f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c7e4cd7a0a5d945f6c5695ff0afedb0f_JaffaCakes118
Size

175KB
MD5

c7e4cd7a0a5d945f6c5695ff0afedb0f
SHA1

76506e78e721c82f8a7728fb5ffa9bb6d03e6f28
SHA256

47dcc0a0d0805986555c7a9004da52415042af76df5bb74389c13bbb30c463a8
SHA512

7f6f0e354b66b2ef7115e709f01813d38d34dc5a52b03e2a4c0d985b49ed13f4352a47a3db30d3c93a1372620399cb5ccedf3c8b98765a2c37ff8f96ccc34b11
SSDEEP

3072:jVnhoJa7IA920l8h1wPyna9DQ/1ASVQsWwuPFcLwY5Q3z0zO6B:jXuZA7yhyP3Q/lQs9EFCUCO6B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7e4cd7a0a5d945f6c5695ff0afedb0f_JaffaCakes118

Files

c7e4cd7a0a5d945f6c5695ff0afedb0f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

951910995276cc3e7f419e4ccd5ec4e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgOpenStorage
CoFreeUnusedLibraries
CreateItemMoniker
CoUninitialize
StgCreateDocfile
CoInitialize
StringFromGUID2
GetRunningObjectTable
CoSetProxyBlanket
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

gdi32

CreateCompatibleBitmap
GetObjectA
CreateDCA
CreateCompatibleDC
BitBlt
StretchBlt
SelectObject
DeleteObject
SetStretchBltMode
GetStockObject
PatBlt
DeleteDC
CreateDIBSection
SetDIBits

avifil32

AVISaveOptions
AVIMakeCompressedStream

kernel32

GetCurrentThreadId
GetCurrentProcessId
CreateFileA
GlobalFree
QueryPerformanceCounter
WaitForMultipleObjectsEx
GetModuleFileNameW
ReadFile
GetTempFileNameA
VirtualAlloc
lstrlenA
GetVersionExA
DeviceIoControl
GetProcessId
InitializeCriticalSection
DisableThreadLibraryCalls
LocalFree
LocalAlloc
CreateMutexA
GetTempPathA
GetSystemTimeAsFileTime
EnumResourceTypesW
CreateDirectoryA
GetFileAttributesA
GlobalUnlock
GetTickCount
GetFileSize
VirtualFree
WaitForSingleObject
WideCharToMultiByte
SetFileAttributesA
CloseHandle
CopyFileA
Sleep
GetModuleFileNameA
ExitProcess
InterlockedDecrement
DeleteFileA
GetSystemTime
InterlockedIncrement
GetLastError
GlobalLock
MultiByteToWideChar
DeleteCriticalSection
GetVolumeInformationA
CreateFileW
SetFilePointer
ReleaseMutex
FreeLibrary

shlwapi

PathFileExistsA
PathFileExistsW
StrStrIW

advapi32

RegCreateKeyA
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
RegEnumKeyExA
RegSetValueA
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey
RegSetValueExA

shell32

SHGetSpecialFolderPathA

user32

CopyRect
InflateRect
IsWindow
wsprintfA
ReleaseDC
SetRect
InvalidateRect
DispatchMessageA
SetParent
GetDesktopWindow
GetClientRect
BringWindowToTop
AttachThreadInput
TranslateMessage
EqualRect
FillRect
EnableWindow
DefWindowProcA
GetDC
PeekMessageA
RegisterClassA
PostMessageA
SendMessageA
UnregisterClassA

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

951910995276cc3e7f419e4ccd5ec4e2

Headers

File Characteristics

Imports

ole32

gdi32

avifil32

kernel32

shlwapi

advapi32

shell32

user32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 70KB - Virtual size: 69KB

.tls Size: 1024B - Virtual size: 380KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 70KB - Virtual size: 69KB

.tls
Size: 1024B - Virtual size: 380KB