JaffaCakes118_789e1b6b60f689349f205b860ea72f66

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_789e1b6b60f689349f205b860ea72f66
Size

163KB
MD5

789e1b6b60f689349f205b860ea72f66
SHA1

3121b5bf18e3857a389c2bb7fc4a1ae562277ffa
SHA256

93e73e8f74de69a16dc2bdbdb9ce1ee8c3d684a1a6c3e6de033bc9494ce4dd4d
SHA512

ec4904f86c84131abdac3315987324808e75cc206e4e6a9c5271f555e2a9c0f22d7d37d7cf19fc55b8d92a2b1c6a2d68f6ad7e90d1e330ba00e8fa30565b6881
SSDEEP

3072:6gnH7p4Pxsw1PyMG4cM7hhiy/Ww6lhXjJ1SZYBepL4:6gnt4PxswFyMGGSy/Ww6L9QeBgc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_789e1b6b60f689349f205b860ea72f66

Files

JaffaCakes118_789e1b6b60f689349f205b860ea72f66
.exe windows:4 windows x86 arch:x86

6ae3701d8bb86fa100c2addde1b94a71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
LocalFree
SetFilePointer
InterlockedIncrement
CreateFileA
WaitForMultipleObjects
WideCharToMultiByte
GetSystemTime
GetModuleFileNameW
GlobalFree
GetPriorityClass
VirtualFree
GetVersionExA
DisableThreadLibraryCalls
GetTickCount
CreateDirectoryA
GetTempPathA
GetCurrentThreadId
DeleteCriticalSection
GlobalUnlock
ReleaseMutex
CreateMutexA
EnumResourceTypesW
GetFileAttributesA
DeleteFileA
QueryPerformanceCounter
CloseHandle
GetSystemTimeAsFileTime
LocalAlloc
InitializeCriticalSection
GlobalLock
GetVolumeInformationA
ReadFile
CreateFileW
GetFileSize
lstrlenA
VirtualAlloc
ExitProcess
CopyFileA
GetTempFileNameA
DeviceIoControl
InterlockedDecrement
SetFileAttributesA
GetLastError
WaitForSingleObject
Sleep
GetCurrentProcessId
MultiByteToWideChar
FreeLibrary

avifil32

AVISaveOptions
AVIMakeCompressedStream

shlwapi

PathFileExistsW
PathFileExistsA
StrStrIW

gdi32

BitBlt
GetStockObject
DeleteObject
SetStretchBltMode
SelectObject
CreateCompatibleBitmap
PatBlt
CreateDIBSection
CreateDCA
CreateCompatibleDC
DeleteDC
StretchBlt
GetObjectA
SetDIBits

user32

GetClientRect
ReleaseDC
PeekMessageA
BringWindowToTop
GetDC
EqualRect
DefWindowProcA
wsprintfA
RegisterClassA
DispatchMessageA
InvalidateRect
AttachThreadInput
IsWindow
SendMessageA
PostMessageA
GetDesktopWindow
FillRect
InflateRect
TranslateMessage
SetParent
SetRect
EnableWindow
CopyRect
UnregisterClassA

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ae3701d8bb86fa100c2addde1b94a71

Headers

File Characteristics

Imports

kernel32

avifil32

shlwapi

gdi32

user32

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 2KB - Virtual size: 2KB

.bss Size: 62KB - Virtual size: 62KB

.tls Size: 1024B - Virtual size: 100KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 2KB - Virtual size: 2KB

.bss
Size: 62KB - Virtual size: 62KB

.tls
Size: 1024B - Virtual size: 100KB