JaffaCakes118_76a98fad0616b23e1e3778ad0996856c

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_76a98fad0616b23e1e3778ad0996856c
Size

182KB
MD5

76a98fad0616b23e1e3778ad0996856c
SHA1

220d7c7a04ff044dc91b5987c525b76fd075d371
SHA256

0c8a14aac10761f9c283e4da4aef62dba8697880f8b7a8ce9f47e0db325cb9ef
SHA512

444850c009dcc22b2497f412e1da8769c11b0db31d7a95332e813222cff002aa96c96d93a5dbcad97e5a632fc33f7038ccd18d3d07352258999e4756d15c9111
SSDEEP

3072:9FBieHSOEbGyGb4gxhVS1z8Q3h5v5ZzcYH4jbJ4O13bddkXjjWF9FMt58r2:fFkGyIxh2z8Gl5Zzc9jbJ4ODKXnWGz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_76a98fad0616b23e1e3778ad0996856c

Files

JaffaCakes118_76a98fad0616b23e1e3778ad0996856c
.exe windows:4 windows x86 arch:x86

72ec115daee9ff6150e4661791907543

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAppendW
PathRemoveBackslashW
PathAddBackslashW
PathIsDirectoryW
PathCombineW
PathFileExistsW
PathRenameExtensionW
PathFileExistsA
PathRemoveFileSpecW

shell32

SHGetSpecialFolderPathA

winmm

timeGetTime

avifil32

AVISaveOptions
AVIMakeCompressedStream

ole32

CoFreeUnusedLibraries
CoCreateInstance
StringFromGUID2
CoUninitialize
CoInitialize

user32

ReleaseDC
CopyRect
DispatchMessageW
GetDC
wsprintfW
OffsetRect
PeekMessageW
FillRect
IsRectEmpty
GetClientRect
TranslateMessage
SetRectEmpty
GetWindowRect

kernel32

LeaveCriticalSection
FindClose
InitializeCriticalSection
LoadLibraryW
OutputDebugStringW
MultiByteToWideChar
QueryPerformanceCounter
InterlockedDecrement
Sleep
GetTempPathA
WaitNamedPipeA
GetModuleFileNameW
GetVersionExA
InterlockedExchange
FindFirstFileW
GetLastError
CreateDirectoryA
lstrlenA
GetCurrentThreadId
GetCurrentProcessId
lstrlenW
GetProcessAffinityMask
GetTempPathW
LocalFree
SetFileAttributesW
GetTickCount
CreateMutexA
GetProcAddress
GetTempFileNameA
EnumResourceTypesW
WaitForSingleObject
WideCharToMultiByte
SetFilePointer
FreeLibrary
InterlockedIncrement
WriteFile
GetThreadLocale
CreateDirectoryW
GetACP
CloseHandle
ReadFile
MulDiv
GetVersionExW
GetLocaleInfoA
DeleteCriticalSection
CopyFileA
ExitProcess
DeleteFileA
LocalAlloc
RemoveDirectoryW
GetFileAttributesA
SetFileAttributesA
ReleaseMutex
DisableThreadLibraryCalls
OutputDebugStringA
FindNextFileW
DeleteFileW
CreateFileA
GetSystemTime
GetTempFileNameW
EnterCriticalSection
GetModuleFileNameA
GetSystemTimeAsFileTime

gdi32

CreateBitmap
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateDIBSection
CreateSolidBrush
SetBrushOrgEx
GetObjectType
DeleteObject
BitBlt
GetObjectW
GetDIBits
DeleteDC
SelectObject
StretchBlt
SetBkColor
SetStretchBltMode

advapi32

RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExA
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegSetValueExA
RegOpenKeyExW
RegOpenKeyExA
RegSetValueW
RegCreateKeyW
RegDeleteKeyA

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72ec115daee9ff6150e4661791907543

Headers

File Characteristics

Imports

shlwapi

shell32

winmm

avifil32

ole32

user32

kernel32

gdi32

advapi32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 75KB - Virtual size: 75KB

.tls Size: 1024B - Virtual size: 124KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 75KB - Virtual size: 75KB

.tls
Size: 1024B - Virtual size: 124KB