0f52f903a94041d8ebe89d579a25eba1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f52f903a94041d8ebe89d579a25eba1_JaffaCakes118
Size

44KB
MD5

0f52f903a94041d8ebe89d579a25eba1
SHA1

03e1f226968bb68d38d088b614af20753fed9de1
SHA256

d50ff19c244b877d23e3120051e43d8c163e24758cc288f512078b36404537ce
SHA512

fc0d3cea01e48c0c1bc0875eed9d5097c58ed153004350331a001797e2da80080ab499c54b2cb9cc776a869e5e1ea188387e53fb6d61abfcf59b82ceb7bc660c
SSDEEP

768:B7YpPnMFfz0gbOBvmvqKcBsh29GZFrKtocPkmtPKXQhavHGWSaSZpO:wM6gbkaqKvh29SeBkmtPYQ4b6w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f52f903a94041d8ebe89d579a25eba1_JaffaCakes118

Files

0f52f903a94041d8ebe89d579a25eba1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1d9e965440aef21dc90008e288f4b2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntmsapi

EjectDiskFromSADriveW

shell32

ShellExecuteExW

msvcrt

_initterm
_beep
_onexit
_chdir
exit
free
_purecall
wcscpy
swscanf
wcsstr
_except_handler3
iswdigit
wcslen
wcstoul
_wtol
__dllonexit
setlocale
wcsrchr
_beginthread
malloc
swprintf

ole32

CoSetProxyBlanket
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
ReleaseStgMedium
CoUninitialize
CoInitialize
CreateStreamOnHGlobal

kernel32

GetModuleHandleW
InterlockedExchange
LoadLibraryExW
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
HeapAlloc
IsBadReadPtr
SetEvent
GetProcAddress
FreeLibrary
GetModuleHandleA
CreateEventW
GlobalFree
WaitForSingleObject
LeaveCriticalSection
GetFileAttributesW
lstrcpynW
GetWindowsDirectoryW
GetTickCount
GlobalAlloc
GetComputerNameW
LoadLibraryA
EnterCriticalSection
LocalFree
LocalAlloc
GetSystemTimeAsFileTime
Sleep
GetVersion
SetUnhandledExceptionFilter
GetProcessHeap
lstrlenW
lstrcmpW
GetModuleFileNameW
ResumeThread
SetLastError
GetCurrentProcessId
GlobalLock
DeleteCriticalSection
LoadLibraryW
GetLastError
UnhandledExceptionFilter
QueryPerformanceCounter
CloseHandle
InitializeCriticalSection
VirtualAlloc
GlobalUnlock
OutputDebugStringA

activeds

FreeADsMem

dmutil

ShowMessage

gdi32

ExtTextOutW
CreateHatchBrush
GetBkColor
DeleteObject

user32

EnableWindow
WinHelpW
KillTimer
FillRect
DestroyIcon
RegisterClipboardFormatW
GetParent
CallNextHookEx
DrawFocusRect
UnhookWindowsHookEx
CopyRect
SendMessageW
GetDesktopWindow
LoadBitmapW
PostThreadMessageW
CreatePopupMenu
SetWindowsHookExW
LoadStringW
SetTimer
AppendMenuW
PostMessageW
RedrawWindow
LoadIconW
SetWindowLongW
GetSysColor
InvalidateRect
GetWindowLongW

avifil32

AVIFileInfo

Sections

.textbss
Size: - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1d9e965440aef21dc90008e288f4b2d

Headers

File Characteristics

Imports

ntmsapi

shell32

msvcrt

ole32

kernel32

activeds

dmutil

gdi32

user32

avifil32

Sections

.textbss Size: - Virtual size: 240KB

.idata Size: 3KB - Virtual size: 3KB

.text Size: 512B - Virtual size: 500B

.rsrc Size: 39KB - Virtual size: 116KB

.textbss
Size: - Virtual size: 240KB

.idata
Size: 3KB - Virtual size: 3KB

.text
Size: 512B - Virtual size: 500B

.rsrc
Size: 39KB - Virtual size: 116KB