1385f5641bfb935d5fd0b2dafad4f899_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1385f5641bfb935d5fd0b2dafad4f899_JaffaCakes118
Size

116KB
MD5

1385f5641bfb935d5fd0b2dafad4f899
SHA1

7d613bf90dc64e74e1cb6b984b55eae00807729f
SHA256

2f86799e7d160c91f3098f95b05bcea38ca1d69ee36065f15bf3ef68eecbf23e
SHA512

fe060c804eaf3d5ce952e8711def025937d7ec06c6c3fbfaf888d54120341d3a715c30431893c08531867f74bfaf09a68981f8de18bdcd90e1348dee5e8fa792
SSDEEP

3072:4qqFRNjrIBd/SGUx0vWmawnw8oO1HUqHl:4qqjN3xX5m1HF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1385f5641bfb935d5fd0b2dafad4f899_JaffaCakes118

Files

1385f5641bfb935d5fd0b2dafad4f899_JaffaCakes118
.exe windows:4 windows x86 arch:x86

63ac09ac3fcfcac0813f98af3f42337b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetCPInfo
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
CreateFileA
TerminateProcess
GetOEMCP
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
HeapFree
HeapAlloc
GetFileSize
SetFilePointer
ReadFile
GetTickCount
GetCommandLineA
GetWindowsDirectoryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
FreeLibrary
GetProfileIntA
LoadLibraryA
GetProcAddress
GetFileAttributesA
WriteFile
CloseHandle
GlobalUnlock
HeapReAlloc
GetSystemDefaultLangID
LCMapStringW
lstrlenA
lstrcpyA
GlobalLock
GlobalAlloc
CopyFileA
DeleteFileA
GlobalFree
GetCurrentProcess
lstrcmpiA

user32

TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
DispatchMessageA
RegisterClassExA
LoadCursorA
LoadIconA
ReleaseDC
GetDC
SendMessageA
GetDlgItem
GetDlgCtrlID
CallWindowProcA
wsprintfA
SetWindowPos
EndPaint
SetRect
UnregisterClassA
IsWindowEnabled
CreateWindowExA
DefWindowProcA
PostQuitMessage
InvalidateRect
FillRect
MessageBoxA
DestroyWindow
EnableWindow
PostMessageA
GetClientRect
SetWindowTextA
GetClassInfoA
RegisterClassA
BeginPaint
GetWindowRect

gdi32

CreateDIBitmap
DeleteObject
GetObjectA
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetDeviceCaps
GetStockObject

comdlg32

GetSaveFileNameA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA

winmm

mmioAscend
mciSendCommandA
timeSetEvent
timeKillEvent
timeEndPeriod
timeBeginPeriod
mmioOpenA
mmioDescend
mmioRead
mmioClose

avifil32

AVIFileExit
AVIStreamWrite
AVIFileRelease
AVIStreamRelease
AVIStreamSetFormat
AVIFileCreateStreamA
AVIFileOpenA
AVIFileInit

msvfw32

MCIWndCreateA

Exports

Exports

_Close_JPEG_Decompressor@0
_Decompress_One_Line@4
_End_JPEG_Decompress@0
_Init_JPEG_Decompressor@4
_Start_JPEG_Decompress@16

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

63ac09ac3fcfcac0813f98af3f42337b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

winmm

avifil32

msvfw32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 20KB - Virtual size: 24KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 20KB - Virtual size: 24KB