cca84829dde5696ba97397cfee06d180_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

cca84829dde5696ba97397cfee06d180_JaffaCakes118
Size

176KB
MD5

cca84829dde5696ba97397cfee06d180
SHA1

19a3d095c83cae37f6deaa5edbfe7143c13bdb14
SHA256

ca873c83169b6e3143a6eb78a812241ae9a88bae50bec3832c0df0815c2bffd6
SHA512

368ad3bb998ffc8f030616f3f9ba0cfd6e2847ac6f98f83342e868ea7f214c0a99c01a6659fee1848c225690cdc99db91f3eb63059710ad02cfe61ea96bde186
SSDEEP

3072:bRC/UmzULMWQzL8+j+Fegyht8y7dTMiT5NrAvLs0pne8gRQ:NPmAMWKo+S0rv8ytMsrAvIbRQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cca84829dde5696ba97397cfee06d180_JaffaCakes118

Files

cca84829dde5696ba97397cfee06d180_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f65638efe1be3baf70d0082d6775691

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
WaitForMultipleObjectsEx
MulDiv
GetACP
ResetEvent
MultiByteToWideChar
FindFirstFileW
Sleep
WaitForSingleObject
InitializeCriticalSection
GetModuleHandleW
GetModuleFileNameA
GetThreadLocale
GetLastError
EnterCriticalSection
GetProcessId
GetCurrentThreadId
DisableThreadLibraryCalls
InterlockedDecrement
FindClose
GlobalLock
FileTimeToSystemTime
GetVersionExW
FindFirstChangeNotificationW
InterlockedExchange
GetSystemTimeAsFileTime
CreateEventW
GetCurrentProcessId
FreeLibrary
EnumResourceTypesW
InterlockedIncrement
SetEvent
GlobalReAlloc
lstrcpynW
lstrlenW
GetTickCount
WideCharToMultiByte
GlobalAlloc
GetFullPathNameW
CreateThread
ExitProcess
LeaveCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
GetProcAddress
GetLocaleInfoA
lstrlenA
CloseHandle
FileTimeToLocalFileTime
FindCloseChangeNotification
FindNextChangeNotification
GetDriveTypeW
GetVersionExA

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
DragQueryFileW
SHGetDesktopFolder
SHGetFileInfoW

avifil32

AVISaveOptions
AVIMakeCompressedStream

user32

BringWindowToTop
DrawFocusRect
GetCursorPos
EnableWindow
SendMessageW
GetClientRect
GetDC
LoadCursorW
SetRectEmpty
GetWindowLongW
InflateRect
GetDesktopWindow
GetWindowRect
SetWindowLongW
ShowScrollBar
EqualRect
LoadImageW
GetParent
TrackPopupMenuEx
SetFocus
ReleaseCapture
ScreenToClient
FillRect
GetSysColor
ClientToScreen
CopyRect
IsRectEmpty
IntersectRect
SetRect
PostMessageW
KillTimer
OffsetRect
GetActiveWindow
UpdateWindow
SetCursor
GetSystemMetrics
FrameRect
GetSysColorBrush
FindWindowExW
CreatePopupMenu
IsWindow
IsWindowVisible
DrawTextW
UnionRect
ReleaseDC
DefWindowProcW
PtInRect
SetCapture
DestroyMenu
SetTimer
SetForegroundWindow
wsprintfW
InvalidateRect

ole32

OleUninitialize
CoCreateInstance
OleInitialize
CoUninitialize
CoFreeUnusedLibraries
StringFromGUID2
CoInitialize

advapi32

RegSetValueW
RegSetValueExW
RegCreateKeyW
RegEnumKeyExW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f65638efe1be3baf70d0082d6775691

Headers

File Characteristics

Imports

kernel32

shell32

avifil32

user32

ole32

advapi32

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 72KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 252KB

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 72KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 252KB