e2db13ffabda7b98f7db88c055f1ed2a_JaffaCakes118

General

Target

e2db13ffabda7b98f7db88c055f1ed2a_JaffaCakes118
Size

174KB
MD5

e2db13ffabda7b98f7db88c055f1ed2a
SHA1

eaeec9fffa97e1e6ef70f143d7d33d713dab6ff7
SHA256

7b0e5642727a1df949d626a625b679b3c1acba1e12e188e4075bf19170a20fed
SHA512

dd78c7955737efed511d03d769ca6eb3f242a60c0dd9913b910702c1cfd1382d766e0cbd1da207779553848ab722cf1e9967a90598549093eaf9708a3e865952
SSDEEP

3072:cN8KEFR+oANzCsw6063ag9ScrHe5pR1ohJxfe/NHj9c6:cAR+oAkE4gEue5v1og/p9c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e2db13ffabda7b98f7db88c055f1ed2a_JaffaCakes118

Files

e2db13ffabda7b98f7db88c055f1ed2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b712fee2caa544570b68761a37d35a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVISaveOptions
AVIMakeCompressedStream

winmm

timeGetTime

user32

FillRect
CopyRect
TranslateMessage
GetClientRect
wsprintfW
DispatchMessageW
IsRectEmpty
ReleaseDC
PeekMessageW
OffsetRect
SetRectEmpty
GetDC
GetWindowRect

kernel32

OutputDebugStringW
CopyFileA
OutputDebugStringA
GetCurrentProcessId
LoadLibraryW
GetShortPathNameA
lstrlenA
GetVersionExA
EnterCriticalSection
CloseHandle
GetProcessAffinityMask
SetFileAttributesA
MultiByteToWideChar
GetTempFileNameA
GetTempFileNameW
LocalAlloc
CreateDirectoryA
ReadFile
DisableThreadLibraryCalls
SetFilePointer
EnumResourceTypesW
CreateMutexA
GetModuleFileNameA
FreeLibrary
GetTickCount
GetProcAddress
GetSystemTime
GetCurrentThreadId
WriteFile
GetTempPathW
LeaveCriticalSection
LocalFree
CreateFileA
WideCharToMultiByte
TerminateProcess
GetFileAttributesA
GetLastError
WaitForSingleObject
QueryPerformanceCounter
ReleaseMutex
DeleteFileA
InterlockedDecrement
InterlockedIncrement
SetFileAttributesW
GetTempPathA
GetSystemTimeAsFileTime

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b712fee2caa544570b68761a37d35a1

Headers

File Characteristics

Imports

avifil32

winmm

user32

kernel32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 66KB - Virtual size: 66KB

.tls Size: 1024B - Virtual size: 380KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 66KB - Virtual size: 66KB

.tls
Size: 1024B - Virtual size: 380KB