JaffaCakes118_7b52ffae7f920b2562d5dd51c52bdcc1

General

Target

JaffaCakes118_7b52ffae7f920b2562d5dd51c52bdcc1
Size

175KB
MD5

7b52ffae7f920b2562d5dd51c52bdcc1
SHA1

3ba49d344daf610ebbe908793316fae3c3b3a215
SHA256

3cba8c269d792d81024d5f7f5102d6de548839d01e4f7bf5b346b32773cf317e
SHA512

70805e6b8d564fe3eb96d666532b22e0711b2cfc911de255d13b42ca8dff729464d97059592e8ebc1c150120de0d8876aeee12717b862faed544a0b1047406a4
SSDEEP

3072:Oe1gpuU2nZCuoW/ZIZMiQLZN6BCalsJGLTeKMcUTW:OeBJZCu1/KZMvLXCfsiTkcUTW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7b52ffae7f920b2562d5dd51c52bdcc1

Files

JaffaCakes118_7b52ffae7f920b2562d5dd51c52bdcc1
.exe windows:4 windows x86 arch:x86

3eb7538b462e1fe12c67aa3d0223a7f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVISaveOptions
AVIMakeCompressedStream

kernel32

DisableThreadLibraryCalls
GetTempFileNameA
LocalAlloc
lstrlenA
EnterCriticalSection
RemoveDirectoryW
CloseHandle
GetTempPathA
GetShortPathNameA
GetProcAddress
FindClose
GetThreadLocale
DeleteFileA
LoadLibraryW
CreateDirectoryA
GetModuleFileNameA
CreateDirectoryW
InterlockedDecrement
CopyFileA
GetACP
MultiByteToWideChar
FindFirstFileW
FindNextFileW
GetProcessAffinityMask
MulDiv
GetVersionExW
GetModuleFileNameW
SetFileAttributesW
lstrlenW
FreeLibrary
GetLastError
GetCurrentThreadId
WriteFile
ReadFile
GetSystemTime
Sleep
GetLocaleInfoA
EnumResourceTypesW
InterlockedExchange
InterlockedIncrement
GetFileAttributesA
TerminateProcess
DeleteCriticalSection
LeaveCriticalSection
WideCharToMultiByte
SetFileAttributesA
GetTempFileNameW
GetCurrentProcessId
GetTempPathW
ReleaseMutex
LocalFree
InitializeCriticalSection
OutputDebugStringW
SetFilePointer
DeleteFileW
QueryPerformanceCounter
GetVersionExA
GetTickCount
CreateMutexA
CreateFileA
OutputDebugStringA
WaitForSingleObject
GetSystemTimeAsFileTime

winmm

timeGetTime

user32

SetRectEmpty
CopyRect
ReleaseDC
PeekMessageW
DispatchMessageW
IsRectEmpty
wsprintfW
FillRect
TranslateMessage
OffsetRect
GetClientRect
GetDC
GetWindowRect

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3eb7538b462e1fe12c67aa3d0223a7f3

Headers

File Characteristics

Imports

avifil32

kernel32

winmm

user32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 2KB - Virtual size: 2KB

.bss Size: 69KB - Virtual size: 69KB

.tls Size: 1024B - Virtual size: 248KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 2KB - Virtual size: 2KB

.bss
Size: 69KB - Virtual size: 69KB

.tls
Size: 1024B - Virtual size: 248KB