d04f84516de5f5f2f6e725902ebc1d19_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d04f84516de5f5f2f6e725902ebc1d19_JaffaCakes118
Size

172KB
MD5

d04f84516de5f5f2f6e725902ebc1d19
SHA1

72a36d81dc1beee63abfa892f134f065ca3bdeda
SHA256

d80aa245ffb6c3844bdd0ab0d3460c58bbd5116827fd908b571140f35623fbdc
SHA512

0f7a5a33b4683ab121817b8fb201dbc2f22f56d68c9015c6ead6a2c3f08d14dc8a9a8fb6ebbacba8a0aff732bb2df62d4f7df296004632d3fcc81fc3f8729436
SSDEEP

3072:ofYHBRUlWhGQTpuFj8EgfeuVuThUs3CGRH4T8Qu5g8PbRU1/sM:+AWmt2jFgfZVuCs3piTTMgd2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d04f84516de5f5f2f6e725902ebc1d19_JaffaCakes118

Files

d04f84516de5f5f2f6e725902ebc1d19_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6463ac771c2c89ad5c048281b5344685

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVISaveOptions
AVIMakeCompressedStream

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegSetValueW
RegCreateKeyW
RegSetValueExW
RegDeleteKeyW

kernel32

WideCharToMultiByte
CreateEventW
GetSystemTimeAsFileTime
InterlockedDecrement
LeaveCriticalSection
InitializeCriticalSection
Sleep
GetCurrentThreadId
WaitForMultipleObjectsEx
GlobalAlloc
lstrcpynW
SetEvent
FindFirstFileW
GetProcAddress
DeleteCriticalSection
GetProcessId
lstrlenA
ResetEvent
GetDriveTypeW
GetLocaleInfoA
InterlockedExchange
FileTimeToSystemTime
FindNextChangeNotification
lstrlenW
GetFullPathNameW
GlobalUnlock
EnumResourceTypesA
GetVersionExW
FileTimeToLocalFileTime
GetCurrentProcessId
GlobalLock
GetACP
WaitForSingleObject
FindCloseChangeNotification
ExitProcess
MultiByteToWideChar
FreeLibrary
GetModuleHandleW
FindFirstChangeNotificationW
FindClose
MulDiv
GetModuleFileNameA
GetTickCount
GetThreadLocale
EnterCriticalSection
InterlockedIncrement
GetLastError
GlobalReAlloc
CreateThread
QueryPerformanceCounter
CloseHandle
DisableThreadLibraryCalls
GetVersionExA

shell32

SHGetPathFromIDListW
DragQueryFileW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetDesktopFolder
SHGetFileInfoW

user32

CreatePopupMenu
GetDC
BringWindowToTop
FrameRect
InflateRect
EnableWindow
ReleaseDC
GetWindowRect
SendMessageW
DefWindowProcW
IntersectRect
IsRectEmpty
UnionRect
GetDesktopWindow
ShowScrollBar
DrawFocusRect
SetCapture
OffsetRect
SetRectEmpty
GetSystemMetrics
GetParent
IsWindowVisible
SetWindowLongW
wsprintfW
GetClientRect
LoadCursorW
SetCursor
DestroyMenu
TrackPopupMenuEx
SetFocus
GetWindowLongW
CopyRect
SetTimer
FindWindowExW
ScreenToClient
GetSysColorBrush
KillTimer
LoadImageW
PostMessageW
GetCursorPos
SetForegroundWindow
FillRect
UpdateWindow
DrawTextW
IsWindow
SetRect
GetActiveWindow
EqualRect
ReleaseCapture
ClientToScreen
GetSysColor
PtInRect
InvalidateRect

ole32

StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
OleInitialize
CoCreateInstance
OleUninitialize
CoInitialize

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6463ac771c2c89ad5c048281b5344685

Headers

File Characteristics

Imports

avifil32

advapi32

kernel32

shell32

user32

ole32

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 64KB - Virtual size: 64KB

.tls Size: 1024B - Virtual size: 252KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 64KB - Virtual size: 64KB

.tls
Size: 1024B - Virtual size: 252KB