e7cfdf4caf82c6fc9466048c48c21fba_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e7cfdf4caf82c6fc9466048c48c21fba_JaffaCakes118
Size

175KB
MD5

e7cfdf4caf82c6fc9466048c48c21fba
SHA1

06438b326fd3b6f2a788e04287ed8b29a2e1981f
SHA256

b7f6f45e676fc03653e6d0e75fbd641a3df750ccfe6c96efeb086cb7b71a44ff
SHA512

d16535fd1c1becbab78d8ff351da4fc76e86e3bca66a32e1ca6dece25c018db8286ee13c3d6abf26dc2e6213e2247f2c700b9f6e4c94149f7b8ee067c83ec568
SSDEEP

3072:qcunpQRY7H8/Z/pG4YiM5DmJkSttRZhPulG3yOB+AbHtoDCmPmr+BQ:t837HYNXzMBmrttRVBvpoJPrQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7cfdf4caf82c6fc9466048c48c21fba_JaffaCakes118

Files

e7cfdf4caf82c6fc9466048c48c21fba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac5f3ac79fe899c8803fe3b84e549138

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
CloseHandle
GetACP
GetVersionExW
GetCurrentThreadId
SetFileAttributesA
InitializeCriticalSection
WaitNamedPipeA
GetThreadLocale
InterlockedDecrement
InterlockedExchange
WideCharToMultiByte
EnterCriticalSection
lstrlenW
GetProcessAffinityMask
DisableThreadLibraryCalls
QueryPerformanceCounter
DeleteCriticalSection
CreateMutexA
OutputDebugStringA
lstrlenA
GetTickCount
MultiByteToWideChar
CreateDirectoryA
WaitForSingleObject
SetFilePointer
DeleteFileA
EnumResourceTypesW
MulDiv
LeaveCriticalSection
GetProcAddress
CreateDirectoryW
GetCurrentProcessId
DeleteFileW
GetTempFileNameA
ReleaseMutex
FindClose
WriteFile
GetLocaleInfoA
GetModuleFileNameA
Sleep
FindFirstFileW
GetTempPathA
LocalFree
CreateFileA
OutputDebugStringW
LocalAlloc
InterlockedIncrement
GetFileAttributesA
FindNextFileW
GetModuleFileNameW
GetSystemTime
ReadFile
SetFileAttributesW
GetLastError
RemoveDirectoryW
GetTempFileNameW
FreeLibrary
TerminateProcess
GetVersionExA
LoadLibraryW
GetTempPathW
GetSystemTimeAsFileTime

avifil32

AVISaveOptions
AVIMakeCompressedStream

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyW
RegCreateKeyExA
RegDeleteKeyW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegSetValueW
RegDeleteKeyA

winmm

timeGetTime

gdi32

GetDIBits
DeleteObject
CreateSolidBrush
GetObjectType
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
StretchBlt
SetBrushOrgEx
BitBlt
DeleteDC
CreateDCW
GetObjectW
CreateBitmap
CreateDIBSection
SetBkColor
SetStretchBltMode

shlwapi

PathIsDirectoryW
PathAddBackslashW
PathAppendW
PathFileExistsW
PathFileExistsA
PathRenameExtensionW
PathRemoveBackslashW
PathCombineW
PathRemoveFileSpecW

user32

DispatchMessageW
GetDC
wsprintfW
TranslateMessage
GetClientRect
ReleaseDC
SetRectEmpty
FillRect
PeekMessageW
OffsetRect
IsRectEmpty
CopyRect
GetWindowRect

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac5f3ac79fe899c8803fe3b84e549138

Headers

File Characteristics

Imports

kernel32

avifil32

advapi32

winmm

gdi32

shlwapi

user32

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 70KB - Virtual size: 70KB

.tls Size: 1024B - Virtual size: 380KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 70KB - Virtual size: 70KB

.tls
Size: 1024B - Virtual size: 380KB