e4dc0f72cc5862a204738cb9c6429288_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e4dc0f72cc5862a204738cb9c6429288_JaffaCakes118
Size

166KB
MD5

e4dc0f72cc5862a204738cb9c6429288
SHA1

1b1d5df55f676171259b57e8c334803143c3a08c
SHA256

cd55b78b513ceac946fc91ca72dc6c5d0f0c05a5c80d0d0d0ffe006062f86da7
SHA512

eef58327b97248baea2e04f28173f93be400af2e1e4173f468cb641106fe5046636ce593d42ad8c882b330cfd04401a80c5bdde13bf218df3f00c15ccd4e386e
SSDEEP

3072:1xAKwmQwtNH6n9jB5wkpPFzlC90/W7IlTk/1SRm4TKHXe6aluzzdXo9:1O6V6n9jLtFU/OASRvT6OafdXo9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e4dc0f72cc5862a204738cb9c6429288_JaffaCakes118

Files

e4dc0f72cc5862a204738cb9c6429288_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cfa83fc4958cdeba498e8fe6c2b590b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GlobalLock
DeviceIoControl
DeleteCriticalSection
VirtualFree
GetVersionExA
GlobalUnlock
WaitForMultipleObjects
SetFileAttributesA
GetModuleFileNameW
Sleep
GetSystemTime
GlobalFree
MultiByteToWideChar
DeleteFileA
GetCurrentThreadId
LocalAlloc
GetModuleFileNameA
GetPriorityClass
GetTempFileNameA
InterlockedIncrement
GetFileSize
EnumResourceTypesW
CopyFileA
CreateDirectoryA
LocalFree
GetVolumeInformationA
ReadFile
CreateFileA
CreateFileW
CreateMutexA
VirtualAlloc
GetTickCount
GetLastError
GetTempPathA
ExitProcess
SetFilePointer
ReleaseMutex
DisableThreadLibraryCalls
CloseHandle
GetSystemTimeAsFileTime
QueryPerformanceCounter
lstrlenA
GetFileAttributesA
WaitForSingleObject
InterlockedDecrement
GetCurrentProcessId
InitializeCriticalSection
FreeLibrary

shlwapi

PathFileExistsW
PathFileExistsA
StrStrIW

gdi32

CreateCompatibleBitmap
DeleteDC
GetObjectA
SelectObject
BitBlt
SetStretchBltMode
PatBlt
CreateDCA
DeleteObject
CreateDIBSection
GetStockObject
CreateCompatibleDC
StretchBlt
SetDIBits

user32

EnableWindow
IsWindow
PeekMessageA
AttachThreadInput
PostMessageA
GetClientRect
BringWindowToTop
TranslateMessage
ReleaseDC
FillRect
DispatchMessageA
SendMessageA
CopyRect
RegisterClassA
SetParent
DefWindowProcA
wsprintfA
SetRect
GetDesktopWindow
EqualRect
InvalidateRect
GetDC
InflateRect
UnregisterClassA

avifil32

AVISaveOptions
AVIMakeCompressedStream

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfa83fc4958cdeba498e8fe6c2b590b0

Headers

File Characteristics

Imports

kernel32

shlwapi

gdi32

user32

avifil32

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 2KB - Virtual size: 2KB

.bss Size: 65KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 2KB - Virtual size: 2KB

.bss
Size: 65KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 104KB