JaffaCakes118_2edd6e9f94a8ac44da66992fff4a087a

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_2edd6e9f94a8ac44da66992fff4a087a
Size

175KB
MD5

2edd6e9f94a8ac44da66992fff4a087a
SHA1

5af8af8df56a4ac8a9aa3c4121b48f01941697be
SHA256

66ac085c7eb8600d0418250ccdbc5b529d8d02c272adc6339943d2b6676cec3b
SHA512

4134f7dd5a19124f3b9c83d7199f976186b8cd5caf22a516612adb5eaa7f7556a55060b31dce3fcba8835364d6a1658b5ea204599fbf697a4b193c07d0b89290
SSDEEP

3072:KbzXh08N1lp5indoYxVgYOdSmuGZhVgxUZYYg:KbLh0i1lpvyVgYOd6GZb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_2edd6e9f94a8ac44da66992fff4a087a

Files

JaffaCakes118_2edd6e9f94a8ac44da66992fff4a087a
.exe windows:4 windows x86 arch:x86

0e71192d76f7cbe91d21d3ca6ba70458

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoFreeUnusedLibraries
StringFromGUID2
CoCreateInstance
CoInitialize

user32

IsRectEmpty
GetClientRect
PeekMessageW
TranslateMessage
CopyRect
ReleaseDC
GetDC
OffsetRect
SetRectEmpty
wsprintfW
FillRect
DispatchMessageW
GetWindowRect

kernel32

SetFilePointer
RemoveDirectoryW
GetTempPathA
WaitForMultipleObjects
OutputDebugStringA
CloseHandle
DeleteFileA
GetTickCount
GetThreadLocale
GetVersionExW
DisableThreadLibraryCalls
DeleteCriticalSection
CreateDirectoryW
CreateMutexA
GetProcAddress
GetSystemTime
OutputDebugStringW
InterlockedDecrement
GetPriorityClass
WideCharToMultiByte
ReadFile
SetFileAttributesW
GetLastError
GetTempFileNameA
LeaveCriticalSection
LoadLibraryW
InitializeCriticalSection
LocalFree
CreateDirectoryA
SetFileAttributesA
lstrlenW
lstrlenA
DeleteFileW
GetCurrentThreadId
EnumResourceTypesW
ReleaseMutex
InterlockedExchange
GetCurrentProcessId
FindClose
EnterCriticalSection
LocalAlloc
MultiByteToWideChar
WaitForSingleObject
QueryPerformanceCounter
InterlockedIncrement
ExitProcess
FindNextFileW
GetLocaleInfoA
FreeLibrary
MulDiv
GetModuleFileNameA
GetFileAttributesA
CreateFileA
GetTempPathW
Sleep
WriteFile
GetTempFileNameW
GetACP
GetModuleFileNameW
FindFirstFileW
CopyFileA
GetVersionExA
GetSystemTimeAsFileTime

avifil32

AVISaveOptions
AVIMakeCompressedStream

advapi32

RegSetValueExA
RegDeleteKeyW
RegCreateKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExW
RegSetValueW
RegEnumKeyExW
RegQueryValueExA
RegCloseKey
RegDeleteKeyA

gdi32

SetBkColor
StretchBlt
CreateCompatibleDC
GetDIBits
CreateBitmap
CreateCompatibleBitmap
CreateDIBSection
DeleteDC
BitBlt
CreateSolidBrush
SetBrushOrgEx
SelectObject
DeleteObject
GetObjectType
CreateDCW
GetObjectW
SetStretchBltMode

winmm

timeGetTime

shlwapi

PathFileExistsA
PathFileExistsW
PathCombineW
PathAppendW
PathIsDirectoryW
PathAddBackslashW
PathRenameExtensionW
PathRemoveBackslashW
PathRemoveFileSpecW

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e71192d76f7cbe91d21d3ca6ba70458

Headers

File Characteristics

Imports

ole32

user32

kernel32

avifil32

advapi32

gdi32

winmm

shlwapi

shell32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 70KB - Virtual size: 69KB

.tls Size: 1024B - Virtual size: 380KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 70KB - Virtual size: 69KB

.tls
Size: 1024B - Virtual size: 380KB