JaffaCakes118_941795a65af07a349d3d9bd7bb8c77a2

General

Target

JaffaCakes118_941795a65af07a349d3d9bd7bb8c77a2
Size

175KB
MD5

941795a65af07a349d3d9bd7bb8c77a2
SHA1

58aade3d1e8c5285b6a3413038a1dc039307aec8
SHA256

1b06879a9c0fb6c96885cd6d78700673ec1be6e31d8ffe677b96f03846bc3f04
SHA512

37719660b96caf819657146d8ff579d30bdb745db84e6a172f53704f0910198d9c61056cdec91b9f533978eb6a7b62cafe302f4013295510adad181ae8d1e6b4
SSDEEP

3072:Oe1gpuU2nZCuoW/ZIZMiQLZN6BCalsJGLTeKMcUTW:OeBJZCu1/KZMvLXCfsiTkcUTW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_941795a65af07a349d3d9bd7bb8c77a2

Files

JaffaCakes118_941795a65af07a349d3d9bd7bb8c77a2
.exe windows:4 windows x86 arch:x86

3eb7538b462e1fe12c67aa3d0223a7f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVISaveOptions
AVIMakeCompressedStream

kernel32

DisableThreadLibraryCalls
GetTempFileNameA
LocalAlloc
lstrlenA
EnterCriticalSection
RemoveDirectoryW
CloseHandle
GetTempPathA
GetShortPathNameA
GetProcAddress
FindClose
GetThreadLocale
DeleteFileA
LoadLibraryW
CreateDirectoryA
GetModuleFileNameA
CreateDirectoryW
InterlockedDecrement
CopyFileA
GetACP
MultiByteToWideChar
FindFirstFileW
FindNextFileW
GetProcessAffinityMask
MulDiv
GetVersionExW
GetModuleFileNameW
SetFileAttributesW
lstrlenW
FreeLibrary
GetLastError
GetCurrentThreadId
WriteFile
ReadFile
GetSystemTime
Sleep
GetLocaleInfoA
EnumResourceTypesW
InterlockedExchange
InterlockedIncrement
GetFileAttributesA
TerminateProcess
DeleteCriticalSection
LeaveCriticalSection
WideCharToMultiByte
SetFileAttributesA
GetTempFileNameW
GetCurrentProcessId
GetTempPathW
ReleaseMutex
LocalFree
InitializeCriticalSection
OutputDebugStringW
SetFilePointer
DeleteFileW
QueryPerformanceCounter
GetVersionExA
GetTickCount
CreateMutexA
CreateFileA
OutputDebugStringA
WaitForSingleObject
GetSystemTimeAsFileTime

winmm

timeGetTime

user32

SetRectEmpty
CopyRect
ReleaseDC
PeekMessageW
DispatchMessageW
IsRectEmpty
wsprintfW
FillRect
TranslateMessage
OffsetRect
GetClientRect
GetDC
GetWindowRect

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3eb7538b462e1fe12c67aa3d0223a7f3

Headers

File Characteristics

Imports

avifil32

kernel32

winmm

user32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 2KB - Virtual size: 2KB

.bss Size: 69KB - Virtual size: 69KB

.tls Size: 1024B - Virtual size: 248KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 2KB - Virtual size: 2KB

.bss
Size: 69KB - Virtual size: 69KB

.tls
Size: 1024B - Virtual size: 248KB