d0b61452a4a75fa2e38da06c8310d582_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d0b61452a4a75fa2e38da06c8310d582_JaffaCakes118
Size

203KB
MD5

d0b61452a4a75fa2e38da06c8310d582
SHA1

91f149b128cde99d75822e08152f65a559f54580
SHA256

2e757c7e40e52c68c66d4f90a81c031cbbc76a87dae0d5fa0833646a41be31d6
SHA512

08506e6c50e59ea63782ea9e048e54abc87d3930d34eb1c6b7d202f194c7ce33b3df7332ad6eadc3edef30415d17cfa44f32d563bc36a339d9b24ef40a722400
SSDEEP

6144:JRCkogSlKO1Ft8xWxRuBMvna5hEoZw1f:ClKO7xKwnFoS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0b61452a4a75fa2e38da06c8310d582_JaffaCakes118

Files

d0b61452a4a75fa2e38da06c8310d582_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87cb2a448b21c1da64d81f2b7445be2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFileW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoW

kernel32

FileTimeToLocalFileTime
FindClose
SetEvent
GetProcAddress
ReplaceFileW
GetSystemTimeAsFileTime
QueryPerformanceCounter
MulDiv
FindFirstChangeNotificationW
FindNextChangeNotification
InterlockedDecrement
WideCharToMultiByte
GetTickCount
CreateEventW
GetModuleHandleW
ResetEvent
FreeLibrary
GetLocaleInfoA
GetCurrentThreadId
MultiByteToWideChar
GetProcessId
lstrlenW
GetCurrentProcessId
FileTimeToSystemTime
InitializeCriticalSection
GetVersionExW
EnumResourceTypesA
FindCloseChangeNotification
lstrcpynW
GetFullPathNameW
EnterCriticalSection
Sleep
DeleteCriticalSection
ExitProcess
LeaveCriticalSection
InterlockedExchange
GlobalLock
WaitForSingleObject
lstrlenA
DisableThreadLibraryCalls
GetThreadLocale
GlobalAlloc
GetModuleFileNameA
GetACP
GetDriveTypeW
CloseHandle
GlobalUnlock
InterlockedIncrement
GlobalReAlloc
GetLastError
FindFirstFileW
CreateThread
GetVersionExA

avifil32

AVISaveOptions
AVIMakeCompressedStream

user32

PtInRect
InflateRect
GetSysColorBrush
GetClientRect
IsWindowVisible
SetWindowLongW
GetDC
GetCursorPos
CreatePopupMenu
DefWindowProcW
ShowScrollBar
GetDesktopWindow
IntersectRect
ClientToScreen
EnableWindow
EqualRect
SetTimer
BringWindowToTop
ScreenToClient
SetFocus
UpdateWindow
GetWindowRect
CopyRect
GetActiveWindow
PostMessageW
GetSystemMetrics
LoadCursorW
TrackPopupMenuEx
SetRect
FillRect
GetWindowLongW
SendMessageW
KillTimer
FindWindowExW
DrawTextW
ReleaseDC
DestroyMenu
SetCapture
GetParent
UnionRect
FrameRect
OffsetRect
ReleaseCapture
wsprintfW
IsWindow
GetSysColor
DrawFocusRect
SetRectEmpty
LoadImageW
SetForegroundWindow
SetCursor
IsRectEmpty
InvalidateRect

advapi32

RegOpenKeyExW
RegCloseKey
RegSetValueW
RegCreateKeyW
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyW

ole32

CoFreeUnusedLibraries
OleInitialize
StringFromGUID2
CoCreateInstance
OleUninitialize
CoUninitialize
CoInitialize

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87cb2a448b21c1da64d81f2b7445be2b

Headers

File Characteristics

Imports

shell32

kernel32

avifil32

user32

advapi32

ole32

Sections

.text Size: 117KB - Virtual size: 117KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 80KB - Virtual size: 80KB

.tls Size: 1024B - Virtual size: 92KB

.text
Size: 117KB - Virtual size: 117KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 80KB - Virtual size: 80KB

.tls
Size: 1024B - Virtual size: 92KB