556257360515b13a668d747665d16722_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

556257360515b13a668d747665d16722_JaffaCakes118
Size

136KB
MD5

556257360515b13a668d747665d16722
SHA1

b0072415734708531c1f1f2a02b844c46ac66ae8
SHA256

715b3ff37ffa63f2b56663011f067a634569c7e04bc4fdc7f8d798e0c02749e6
SHA512

5ff7274806cf688330d1cd1c7b331525894081d05844bfc67c287a155e3ea1993791c36d79190eb49a5df1844c1efa293594ef374cedb7a746454f575d5640a6
SSDEEP

3072:B0dFz/r3RLK7Y1P6ncO+Octw/1P5GCn+/TTNIk/wBxUkZU5:B0v0746ncROew/p5GCngTW//Ukq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
556257360515b13a668d747665d16722_JaffaCakes118

Files

556257360515b13a668d747665d16722_JaffaCakes118
.exe windows:4 windows x86 arch:x86

951910995276cc3e7f419e4ccd5ec4e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgOpenStorage
CoFreeUnusedLibraries
CreateItemMoniker
CoUninitialize
StgCreateDocfile
CoInitialize
StringFromGUID2
GetRunningObjectTable
CoSetProxyBlanket
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

gdi32

CreateCompatibleBitmap
GetObjectA
CreateDCA
CreateCompatibleDC
BitBlt
StretchBlt
SelectObject
DeleteObject
SetStretchBltMode
GetStockObject
PatBlt
DeleteDC
CreateDIBSection
SetDIBits

avifil32

AVISaveOptions
AVIMakeCompressedStream

kernel32

GetCurrentThreadId
GetCurrentProcessId
CreateFileA
GlobalFree
QueryPerformanceCounter
WaitForMultipleObjectsEx
GetModuleFileNameW
ReadFile
GetTempFileNameA
VirtualAlloc
lstrlenA
GetVersionExA
DeviceIoControl
GetProcessId
InitializeCriticalSection
DisableThreadLibraryCalls
LocalFree
LocalAlloc
CreateMutexA
GetTempPathA
GetSystemTimeAsFileTime
EnumResourceTypesW
CreateDirectoryA
GetFileAttributesA
GlobalUnlock
GetTickCount
GetFileSize
VirtualFree
WaitForSingleObject
WideCharToMultiByte
SetFileAttributesA
CloseHandle
CopyFileA
Sleep
GetModuleFileNameA
ExitProcess
InterlockedDecrement
DeleteFileA
GetSystemTime
InterlockedIncrement
GetLastError
GlobalLock
MultiByteToWideChar
DeleteCriticalSection
GetVolumeInformationA
CreateFileW
SetFilePointer
ReleaseMutex
FreeLibrary

shlwapi

PathFileExistsA
PathFileExistsW
StrStrIW

advapi32

RegCreateKeyA
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
RegEnumKeyExA
RegSetValueA
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey
RegSetValueExA

shell32

SHGetSpecialFolderPathA

user32

CopyRect
InflateRect
IsWindow
wsprintfA
ReleaseDC
SetRect
InvalidateRect
DispatchMessageA
SetParent
GetDesktopWindow
GetClientRect
BringWindowToTop
AttachThreadInput
TranslateMessage
EqualRect
FillRect
EnableWindow
DefWindowProcA
GetDC
PeekMessageA
RegisterClassA
PostMessageA
SendMessageA
UnregisterClassA

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

951910995276cc3e7f419e4ccd5ec4e2

Headers

File Characteristics

Imports

ole32

gdi32

avifil32

kernel32

shlwapi

advapi32

shell32

user32

Sections

.text Size: 95KB - Virtual size: 95KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 65KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 95KB - Virtual size: 95KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 65KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 104KB