f7a587bd4b88d4b94d4b16047947a5c7_JaffaCakes118

General

Target

f7a587bd4b88d4b94d4b16047947a5c7_JaffaCakes118
Size

163KB
MD5

f7a587bd4b88d4b94d4b16047947a5c7
SHA1

bc29bb636f70d2874e87597a6dfeaf81f3b8a47c
SHA256

3b847aad854ebbbbd6255deecd49db6d2989c32c0c840b8d67481b6deb4bd657
SHA512

c26e59cf46bdddbc47576689c5951a17f9ff5a8cd2b59111c27fc0af7209d1a849d1bb60a4ee0da00f25f60670e9cd4554b54262e903e2a4d4e69dd47c0dcbb0
SSDEEP

3072:kLdq4yiuPJDlbNxoK1/QMvMcIKBInFwJGe+XFcgHPyPSrh4/lv5BKN:kLk4yiuPJDlbDoK1/QMvMoInwG7XcKyM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7a587bd4b88d4b94d4b16047947a5c7_JaffaCakes118

Files

f7a587bd4b88d4b94d4b16047947a5c7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

072e70ce30d248a1bbaa014a23a75120

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

kernel32

LocalAlloc
RemoveDirectoryW
DeleteFileA
SetFileAttributesW
FindFirstFileW
GetLastError
GetModuleFileNameA
SignalObjectAndWait
CreateDirectoryW
GetTempPathW
GetTempFileNameA
GetLocaleInfoA
OutputDebugStringA
GetProcAddress
CloseHandle
GetProcessAffinityMask
LocalFree
WriteFile
CreateFileA
LeaveCriticalSection
GetACP
CopyFileA
OutputDebugStringW
GetModuleFileNameW
GetVersionExA
GetTempPathA
GetCurrentThreadId
EnumResourceTypesW
MulDiv
InterlockedExchange
GetTickCount
CreateMutexA
MultiByteToWideChar
EnterCriticalSection
SetFileAttributesA
InitializeCriticalSection
WideCharToMultiByte
GetCurrentProcessId
TerminateProcess
CreateDirectoryA
ReadFile
GetFileAttributesA
FindClose
LoadLibraryW
SetFilePointer
FindNextFileW
DisableThreadLibraryCalls
GetSystemTime
InterlockedDecrement
Sleep
FreeLibrary
lstrlenW
InterlockedIncrement
ReleaseMutex
GetVersionExW
GetThreadLocale
DeleteCriticalSection
QueryPerformanceCounter
DeleteFileW
lstrlenA
GetTempFileNameW
WaitForSingleObject
GetSystemTimeAsFileTime

user32

OffsetRect
TranslateMessage
PeekMessageW
FillRect
GetDC
GetClientRect
SetRectEmpty
IsRectEmpty
CopyRect
wsprintfW
ReleaseDC
DispatchMessageW
GetWindowRect

avifil32

AVISaveOptions
AVIMakeCompressedStream

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

072e70ce30d248a1bbaa014a23a75120

Headers

File Characteristics

Imports

winmm

kernel32

user32

avifil32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 2KB - Virtual size: 2KB

.bss Size: 63KB - Virtual size: 62KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 2KB - Virtual size: 2KB

.bss
Size: 63KB - Virtual size: 62KB

.tls
Size: 1024B - Virtual size: 104KB