eab64b8ff2461a2711d23d98bc641759_JaffaCakes118

General

Target

eab64b8ff2461a2711d23d98bc641759_JaffaCakes118
Size

174KB
MD5

eab64b8ff2461a2711d23d98bc641759
SHA1

672527446005ea1c7c2f41469498d4a843b6cbf8
SHA256

b44827ecdfdef3941eb5d1fb2a4ec80ed5c641be82f395765263c51417f7d5ef
SHA512

ed70fc710ae643f37749c647a83222f87de8625e98157a67021051593db902e8df3e4b95884b2edd3b2d045f9c4b11443f87e3b93da4fa6b370cfcc8f3db3580
SSDEEP

3072:w7boqDmmgy4crlgG5GOwA8ftBvqaoMu72lIs0zcndcfXb:wPoqKmv4YqGyt5qa7uSnd0r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eab64b8ff2461a2711d23d98bc641759_JaffaCakes118

Files

eab64b8ff2461a2711d23d98bc641759_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c32e0b8a65918ea29caa11ed1fbd77b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
GetTempPathW
EnterCriticalSection
GetLastError
GetShortPathNameA
CreateDirectoryA
TerminateProcess
GetVersionExA
InterlockedIncrement
GetProcessAffinityMask
OutputDebugStringW
GetCurrentThreadId
DeleteFileA
WriteFile
WaitForSingleObject
GetTempPathA
CloseHandle
GetTempFileNameA
InterlockedDecrement
LocalAlloc
EnumResourceTypesW
SetFileAttributesW
MultiByteToWideChar
ReadFile
CreateFileA
lstrlenA
ReleaseMutex
GetTickCount
DisableThreadLibraryCalls
GetCurrentProcessId
GetProcAddress
LoadLibraryW
GetFileAttributesA
SetFilePointer
FreeLibrary
CopyFileA
OutputDebugStringA
CreateMutexA
LeaveCriticalSection
WideCharToMultiByte
GetTempFileNameW
QueryPerformanceCounter
LocalFree
GetSystemTime
GetModuleFileNameA
GetSystemTimeAsFileTime

user32

IsRectEmpty
CopyRect
DispatchMessageW
TranslateMessage
PeekMessageW
ReleaseDC
wsprintfW
SetRectEmpty
FillRect
OffsetRect
GetDC
GetClientRect
GetWindowRect

winmm

timeGetTime

avifil32

AVISaveOptions
AVIMakeCompressedStream

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c32e0b8a65918ea29caa11ed1fbd77b

Headers

File Characteristics

Imports

kernel32

user32

winmm

avifil32

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 68KB - Virtual size: 67KB

.tls Size: 1024B - Virtual size: 380KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 68KB - Virtual size: 67KB

.tls
Size: 1024B - Virtual size: 380KB