cfdfe359ce79ef2ec3a8a9a9c134f497_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cfdfe359ce79ef2ec3a8a9a9c134f497_JaffaCakes118
Size

164KB
MD5

cfdfe359ce79ef2ec3a8a9a9c134f497
SHA1

f09d86908f9830904bbdc56f0ced93688245a519
SHA256

5b6d825ccb80674154d8c24097eed291637b73dc12fa516a5f9d18dd93731f04
SHA512

03e53a551692c938fe319cefa0b408c300c518e304aa29241ef823ea0f3abf13263f026bf1bc6ec6b1c155b17694ea67f1e4bc47b3ff7ac26fad705f942d0058
SSDEEP

3072:dQgbMCivSMirg3J5UFXZ6R2CHykeANfyeBpMVVDKov1jAjW:Sms3J5mVqytUKeLMjP8y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfdfe359ce79ef2ec3a8a9a9c134f497_JaffaCakes118

Files

cfdfe359ce79ef2ec3a8a9a9c134f497_JaffaCakes118
.exe windows:4 windows x86 arch:x86

681a01165727743293071762901582d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindowVisible
SetRect
GetWindowLongW
GetDesktopWindow
BringWindowToTop
SetCapture
EqualRect
PtInRect
DefWindowProcW
LoadImageW
SetCursor
ReleaseDC
DestroyMenu
DrawTextW
ReleaseCapture
GetWindowRect
EnableWindow
SetRectEmpty
IsRectEmpty
GetActiveWindow
GetSystemMetrics
IntersectRect
LoadCursorW
SetFocus
GetSysColor
KillTimer
FillRect
GetParent
UnionRect
PostMessageW
GetDC
OffsetRect
CopyRect
DrawFocusRect
wsprintfW
GetClientRect
InflateRect
ShowScrollBar
SetForegroundWindow
SetWindowLongW
CreatePopupMenu
TrackPopupMenuEx
ClientToScreen
FindWindowExW
GetSysColorBrush
UpdateWindow
ScreenToClient
GetCursorPos
IsWindow
FrameRect
SetTimer
SendMessageW
InvalidateRect

ole32

StringFromGUID2
CoFreeUnusedLibraries
OleUninitialize
CoUninitialize
OleInitialize
CoCreateInstance
CoInitialize

advapi32

RegSetValueExW
RegSetValueW
RegOpenKeyExW
RegCreateKeyW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW

shell32

SHGetSpecialFolderLocation
SHGetMalloc
DragQueryFileW
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetFileInfoW

kernel32

FindFirstFileW
GetLastError
GetCurrentThreadId
FileTimeToSystemTime
FindFirstChangeNotificationW
FindClose
ReplaceFileW
GetDriveTypeW
DeleteCriticalSection
ResetEvent
QueryPerformanceCounter
GetVersionExW
GetTickCount
FileTimeToLocalFileTime
GetModuleHandleW
InitializeCriticalSection
FindCloseChangeNotification
GetCurrentProcessId
GetProcessId
CloseHandle
GlobalLock
GetSystemTimeAsFileTime
FreeLibrary
InterlockedIncrement
MulDiv
lstrlenA
EnumResourceTypesA
GetLocaleInfoA
WaitForSingleObject
SetEvent
GetFullPathNameW
Sleep
lstrcpynW
GetProcAddress
CreateEventW
InterlockedDecrement
WideCharToMultiByte
GetThreadLocale
FindNextChangeNotification
ExitProcess
CreateThread
InterlockedExchange
EnterCriticalSection
GlobalUnlock
lstrlenW
GlobalReAlloc
MultiByteToWideChar
GlobalAlloc
LeaveCriticalSection
GetModuleFileNameA
DisableThreadLibraryCalls
GetACP
GetVersionExA

avifil32

AVISaveOptions
AVIMakeCompressedStream

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

681a01165727743293071762901582d9

Headers

File Characteristics

Imports

user32

ole32

advapi32

shell32

kernel32

avifil32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 64KB - Virtual size: 63KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 64KB - Virtual size: 63KB

.tls
Size: 1024B - Virtual size: 104KB