fa0343ceede9c4d58f1d8ea374ec9572_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fa0343ceede9c4d58f1d8ea374ec9572_JaffaCakes118
Size

164KB
MD5

fa0343ceede9c4d58f1d8ea374ec9572
SHA1

2c69c8ad2d47e0867ed3402715f20a46ef8fc5be
SHA256

5aeced5a36b377c8e9c34cc2c16e3434f785390809c5416afa66b1f07733f36a
SHA512

a0534014cfd8c19517b4207414168f7cab287a9c16139fece3ba56d8485a96a7593935d799ccc0eef1de1d7aabac41ea2527bf76545ef7625b192776cc5d7270
SSDEEP

3072:s3+/zzdsyC7jA9vGMg1Obuqd6XZafyrlA24HObYy2YxQJ6EJEXBr:RdN4c9v8kn6pa65Ad4cYxlIE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa0343ceede9c4d58f1d8ea374ec9572_JaffaCakes118

Files

fa0343ceede9c4d58f1d8ea374ec9572_JaffaCakes118
.exe windows:4 windows x86 arch:x86

979d19ac7eb29afb9f36b2bc12a77086

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
StringFromGUID2
CoUninitialize
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoInitialize

avifil32

AVISaveOptions
AVIMakeCompressedStream

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetPathFromIDListW
DragQueryFileW
SHGetMalloc
SHGetFileInfoW

user32

IsWindow
DrawTextW
UnionRect
SetTimer
CopyRect
LoadCursorW
GetSysColor
GetSystemMetrics
TrackPopupMenuEx
SetCapture
wsprintfW
ReleaseCapture
ShowScrollBar
SendMessageW
SetRectEmpty
GetParent
SetCursor
DrawFocusRect
CreatePopupMenu
FillRect
LoadImageW
OffsetRect
GetWindowRect
GetSysColorBrush
SetFocus
ClientToScreen
SetRect
PtInRect
GetClientRect
KillTimer
ScreenToClient
PostMessageW
DestroyMenu
SetWindowLongW
IsWindowVisible
UpdateWindow
BringWindowToTop
SetForegroundWindow
FindWindowExW
GetDC
EqualRect
IsRectEmpty
GetWindowLongW
GetDesktopWindow
FrameRect
GetCursorPos
GetActiveWindow
ReleaseDC
IntersectRect
InflateRect
EnableWindow
DefWindowProcW
InvalidateRect

advapi32

RegCloseKey
RegOpenKeyExW
RegCreateKeyW
RegSetValueExW
RegEnumKeyExW
RegSetValueW
RegDeleteKeyW

kernel32

ResetEvent
GetLastError
WaitForSingleObject
InterlockedIncrement
Sleep
ReplaceFileW
MulDiv
EnterCriticalSection
CreateThread
GetTickCount
FileTimeToSystemTime
GetProcessId
GetModuleHandleW
QueryPerformanceCounter
FindClose
GlobalReAlloc
GetProcAddress
GetACP
FindFirstChangeNotificationW
CreateEventW
GlobalLock
GetModuleFileNameA
lstrlenA
lstrlenW
InitializeCriticalSection
LeaveCriticalSection
InterlockedExchange
FindCloseChangeNotification
FindFirstFileW
GetDriveTypeW
EnumResourceTypesA
GetCurrentThreadId
GetSystemTimeAsFileTime
GlobalUnlock
CloseHandle
MultiByteToWideChar
ExitProcess
FindNextChangeNotification
GetVersionExW
GlobalAlloc
DeleteCriticalSection
InterlockedDecrement
GetFullPathNameW
DisableThreadLibraryCalls
lstrcpynW
FreeLibrary
SetEvent
GetLocaleInfoA
GetCurrentProcessId
WideCharToMultiByte
GetThreadLocale
FileTimeToLocalFileTime
GetVersionExA

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

979d19ac7eb29afb9f36b2bc12a77086

Headers

File Characteristics

Imports

ole32

avifil32

shell32

user32

advapi32

kernel32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 63KB - Virtual size: 62KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 63KB - Virtual size: 62KB

.tls
Size: 1024B - Virtual size: 104KB