JaffaCakes118_8fb470d1b4b6d67a3970d3c7b9e8f1e5

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_8fb470d1b4b6d67a3970d3c7b9e8f1e5
Size

164KB
MD5

8fb470d1b4b6d67a3970d3c7b9e8f1e5
SHA1

e534f165db10cdf48e90b91a4777c6a8bf6827be
SHA256

aa61b3486a63f701432f1341321ced553149d7b084e4a0e3d28340a4033c08c9
SHA512

1eb7c9c52d228c50c949ef5b2a7901671e34fb7571220498848f52aa2daf44418d0dc5c4f71e8a00b6d1e3ac3496e74ba7f02471bc10cf99a1744fea97d86785
SSDEEP

3072:dQgbMCivSMirg3J5UFXZ6R2CHykeANfyeBpMVVDKov1jAjW:Sms3J5mVqytUKeLMjP8y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_8fb470d1b4b6d67a3970d3c7b9e8f1e5

Files

JaffaCakes118_8fb470d1b4b6d67a3970d3c7b9e8f1e5
.exe windows:4 windows x86 arch:x86

681a01165727743293071762901582d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindowVisible
SetRect
GetWindowLongW
GetDesktopWindow
BringWindowToTop
SetCapture
EqualRect
PtInRect
DefWindowProcW
LoadImageW
SetCursor
ReleaseDC
DestroyMenu
DrawTextW
ReleaseCapture
GetWindowRect
EnableWindow
SetRectEmpty
IsRectEmpty
GetActiveWindow
GetSystemMetrics
IntersectRect
LoadCursorW
SetFocus
GetSysColor
KillTimer
FillRect
GetParent
UnionRect
PostMessageW
GetDC
OffsetRect
CopyRect
DrawFocusRect
wsprintfW
GetClientRect
InflateRect
ShowScrollBar
SetForegroundWindow
SetWindowLongW
CreatePopupMenu
TrackPopupMenuEx
ClientToScreen
FindWindowExW
GetSysColorBrush
UpdateWindow
ScreenToClient
GetCursorPos
IsWindow
FrameRect
SetTimer
SendMessageW
InvalidateRect

ole32

StringFromGUID2
CoFreeUnusedLibraries
OleUninitialize
CoUninitialize
OleInitialize
CoCreateInstance
CoInitialize

advapi32

RegSetValueExW
RegSetValueW
RegOpenKeyExW
RegCreateKeyW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW

shell32

SHGetSpecialFolderLocation
SHGetMalloc
DragQueryFileW
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetFileInfoW

kernel32

FindFirstFileW
GetLastError
GetCurrentThreadId
FileTimeToSystemTime
FindFirstChangeNotificationW
FindClose
ReplaceFileW
GetDriveTypeW
DeleteCriticalSection
ResetEvent
QueryPerformanceCounter
GetVersionExW
GetTickCount
FileTimeToLocalFileTime
GetModuleHandleW
InitializeCriticalSection
FindCloseChangeNotification
GetCurrentProcessId
GetProcessId
CloseHandle
GlobalLock
GetSystemTimeAsFileTime
FreeLibrary
InterlockedIncrement
MulDiv
lstrlenA
EnumResourceTypesA
GetLocaleInfoA
WaitForSingleObject
SetEvent
GetFullPathNameW
Sleep
lstrcpynW
GetProcAddress
CreateEventW
InterlockedDecrement
WideCharToMultiByte
GetThreadLocale
FindNextChangeNotification
ExitProcess
CreateThread
InterlockedExchange
EnterCriticalSection
GlobalUnlock
lstrlenW
GlobalReAlloc
MultiByteToWideChar
GlobalAlloc
LeaveCriticalSection
GetModuleFileNameA
DisableThreadLibraryCalls
GetACP
GetVersionExA

avifil32

AVISaveOptions
AVIMakeCompressedStream

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

681a01165727743293071762901582d9

Headers

File Characteristics

Imports

user32

ole32

advapi32

shell32

kernel32

avifil32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 64KB - Virtual size: 63KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 64KB - Virtual size: 63KB

.tls
Size: 1024B - Virtual size: 104KB