9b0f24959014de595ed453f20d4b0aa3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9b0f24959014de595ed453f20d4b0aa3_JaffaCakes118
Size

164KB
MD5

9b0f24959014de595ed453f20d4b0aa3
SHA1

b7d7debb1b40c81585f8f5dec531b6a1d01fa7fa
SHA256

fea51b17878740131cb927f0c11872207ac21518d0c886d308a601286f8573e1
SHA512

7f50f8740665de98ca00c4ee85d913746a759030c5e0d3bb6febc45503ece9eb85debefcb40e4ad32e7f322cd3775236c3f6642a1fdab3e760a42945b2681792
SSDEEP

3072:Fm+Ln2uL4rMEBowvKAxnQPZ9J7dhPvqmBJcOtNK12An:D3jEySZQR9J7P3q+GCo2A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b0f24959014de595ed453f20d4b0aa3_JaffaCakes118

Files

9b0f24959014de595ed453f20d4b0aa3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e2fb6b0ac4cfb6dcd0f834f2e43742ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetRectEmpty
ReleaseDC
FillRect
DispatchMessageW
GetDC
GetClientRect
wsprintfW
IsRectEmpty
OffsetRect
CopyRect
PeekMessageW
TranslateMessage
GetWindowRect

avifil32

AVISaveOptions
AVIMakeCompressedStream

winmm

timeGetTime

ole32

CoFreeUnusedLibraries
StringFromGUID2
CoCreateInstance
CoUninitialize
CoInitialize

shlwapi

PathRenameExtensionW
PathRemoveBackslashW
PathFileExistsW
PathFileExistsA
PathCombineW
PathAddBackslashW
PathAppendW
PathIsDirectoryW
PathRemoveFileSpecW

advapi32

RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegSetValueExA
RegCreateKeyW
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyA

kernel32

GetVersionExW
LocalFree
FindFirstFileW
GetTempPathA
GetModuleFileNameW
CreateFileA
GetTickCount
WaitForMultipleObjects
CreateMutexA
GetCurrentProcessId
InterlockedExchange
GetTempFileNameA
SetFileAttributesW
GetSystemTime
DeleteFileW
GetPriorityClass
GetLastError
DeleteFileA
InterlockedIncrement
WaitForSingleObject
QueryPerformanceCounter
GetFileAttributesA
CreateDirectoryA
lstrlenW
GetTempPathW
SetFileAttributesA
GetCurrentThreadId
LocalAlloc
EnumResourceTypesW
FindNextFileW
GetTempFileNameW
MulDiv
RemoveDirectoryW
FindClose
LoadLibraryW
OutputDebugStringW
GetLocaleInfoA
OutputDebugStringA
SetFilePointer
ReadFile
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
FreeLibrary
ExitProcess
Sleep
CreateDirectoryW
CopyFileA
GetThreadLocale
MultiByteToWideChar
CloseHandle
GetACP
WideCharToMultiByte
InterlockedDecrement
EnterCriticalSection
lstrlenA
GetModuleFileNameA
GetVersionExA
LeaveCriticalSection
WriteFile
GetProcAddress
ReleaseMutex
GetSystemTimeAsFileTime

gdi32

GetObjectType
DeleteDC
SelectObject
CreateDCW
GetDIBits
StretchBlt
CreateDIBSection
CreateSolidBrush
CreateBitmap
CreateCompatibleBitmap
SetBkColor
GetObjectW
BitBlt
DeleteObject
SetBrushOrgEx
CreateCompatibleDC
SetStretchBltMode

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2fb6b0ac4cfb6dcd0f834f2e43742ab

Headers

File Characteristics

Imports

user32

avifil32

winmm

ole32

shlwapi

advapi32

kernel32

gdi32

shell32

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 61KB - Virtual size: 60KB

.tls Size: 1024B - Virtual size: 100KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 61KB - Virtual size: 60KB

.tls
Size: 1024B - Virtual size: 100KB