1427f869a813f026d5bccb6dfecd5908_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1427f869a813f026d5bccb6dfecd5908_JaffaCakes118
Size

175KB
MD5

1427f869a813f026d5bccb6dfecd5908
SHA1

32eed35a56d8fb688fb5b5b32440f81e2f203993
SHA256

6ce36b5f20104ba6215c6e45501e01bf6465e9539850ef50ffea6d467d1e96f1
SHA512

8570d7590e5f12aa4ba8c3cf929b0af04008606dcba828daac104882898275223e3c63866ee4152c1a38854ccece8371f24ae9c425a196728f8af8b05551757a
SSDEEP

3072:FnlL1JInZhmfMYLHHgczs1kVE6HMJzSfvXyhjoZkI/2RdKCK4/ak28cZ0Xsa:FPynZnYzBzI6E6Hkuf4oZkI/2RcCK4Fs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1427f869a813f026d5bccb6dfecd5908_JaffaCakes118

Files

1427f869a813f026d5bccb6dfecd5908_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b83241085102f2cc3e2a3197a79de6fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseDC
UnionRect
UpdateWindow
IsWindow
ClientToScreen
DestroyMenu
IsRectEmpty
CreatePopupMenu
FrameRect
EqualRect
SetFocus
SetRect
GetActiveWindow
InflateRect
FillRect
SetCapture
OffsetRect
SetWindowLongW
PtInRect
DrawTextW
IsWindowVisible
DefWindowProcW
GetCursorPos
GetWindowLongW
LoadCursorW
SetTimer
GetParent
LoadImageW
GetSysColor
SetRectEmpty
ShowScrollBar
GetWindowRect
EnableWindow
GetClientRect
GetSystemMetrics
ScreenToClient
ReleaseCapture
SendMessageW
GetSysColorBrush
PostMessageW
DrawFocusRect
SetCursor
GetDC
FindWindowExW
SetForegroundWindow
TrackPopupMenuEx
GetDesktopWindow
wsprintfW
KillTimer
CopyRect
IntersectRect
BringWindowToTop
InvalidateRect

ole32

StringFromGUID2
CoCreateInstance
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoUninitialize
CoInitialize

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyW
RegSetValueW
RegEnumKeyExW
RegDeleteKeyW

kernel32

FileTimeToSystemTime
GetLocaleInfoA
GlobalReAlloc
GetCurrentThreadId
WaitForMultipleObjectsEx
InitializeCriticalSection
GetThreadLocale
GetACP
GetVersionExW
DeleteCriticalSection
WideCharToMultiByte
GetProcessId
GetFullPathNameW
SetEvent
GetModuleFileNameA
CreateEventW
LeaveCriticalSection
FindCloseChangeNotification
InterlockedDecrement
FindClose
WaitForSingleObject
InterlockedIncrement
GetModuleHandleW
FindFirstChangeNotificationW
GetDriveTypeW
DisableThreadLibraryCalls
EnumResourceTypesW
CreateThread
lstrlenW
EnterCriticalSection
GetProcAddress
FreeLibrary
GlobalAlloc
CloseHandle
QueryPerformanceCounter
GetCurrentProcessId
lstrcpynW
Sleep
ResetEvent
MultiByteToWideChar
FindFirstFileW
ExitProcess
GetSystemTimeAsFileTime
MulDiv
lstrlenA
GetLastError
GetTickCount
FindNextChangeNotification
GlobalLock
InterlockedExchange
FileTimeToLocalFileTime
GlobalUnlock
GetVersionExA

shell32

SHGetMalloc
SHGetPathFromIDListW
DragQueryFileW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoW

avifil32

AVISaveOptions
AVIMakeCompressedStream

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b83241085102f2cc3e2a3197a79de6fc

Headers

File Characteristics

Imports

user32

ole32

advapi32

kernel32

shell32

avifil32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 68KB - Virtual size: 68KB

.tls Size: 1024B - Virtual size: 376KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 68KB - Virtual size: 68KB

.tls
Size: 1024B - Virtual size: 376KB