JaffaCakes118_95ac0d2977842490a1b278b27ae3ee93

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_95ac0d2977842490a1b278b27ae3ee93
Size

182KB
MD5

95ac0d2977842490a1b278b27ae3ee93
SHA1

506427959b10860337212165f24699c6b9d04b32
SHA256

2e07becd55af51e8a1df8701670dfd9e0e9d691a13cd40f8c6641b5f62e5bba0
SHA512

975b016660ee3b01ed1a04bd2c058553514c680e7820cf2444d50331745d2acd951bab6cce920426ceb4a15597c5ca1593dec5e73789a6ebf7f0cc01f74698af
SSDEEP

3072:r1gIwVlFIVwVt+BevM3XqwaLw8y+E3N9QQ8uBLbkpkQr21f8G6G91Eo7OD:xsIIiqwaLw8FQXQQNBEpHr2JZdGo7O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_95ac0d2977842490a1b278b27ae3ee93

Files

JaffaCakes118_95ac0d2977842490a1b278b27ae3ee93
.exe windows:4 windows x86 arch:x86

918ecf1f01aeb903332e049bdc278d12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegCreateKeyW
RegOpenKeyExW
RegCloseKey
RegSetValueW
RegSetValueExW
RegDeleteKeyW

user32

GetWindowRect
PtInRect
GetActiveWindow
wsprintfW
TrackPopupMenuEx
FrameRect
DrawTextW
LoadImageW
ScreenToClient
LoadCursorW
IntersectRect
EnableWindow
GetSysColor
BringWindowToTop
IsRectEmpty
GetParent
CreatePopupMenu
IsWindow
GetSystemMetrics
ReleaseCapture
SetRect
DrawFocusRect
SetCapture
GetWindowLongW
GetDesktopWindow
FillRect
ReleaseDC
ClientToScreen
SetForegroundWindow
UnionRect
PostMessageW
SetRectEmpty
KillTimer
DefWindowProcW
InflateRect
EqualRect
DestroyMenu
ShowScrollBar
SetFocus
FindWindowExW
SetTimer
SetWindowLongW
OffsetRect
GetClientRect
GetCursorPos
UpdateWindow
IsWindowVisible
SetCursor
GetSysColorBrush
SendMessageW
GetDC
CopyRect
InvalidateRect

kernel32

InitializeCriticalSection
GetACP
InterlockedExchange
SetEvent
WaitForMultipleObjectsEx
FileTimeToSystemTime
GetModuleFileNameA
FindCloseChangeNotification
FileTimeToLocalFileTime
MulDiv
GlobalLock
EnterCriticalSection
GetTickCount
GetFullPathNameW
WaitForSingleObject
FindNextChangeNotification
GetVersionExW
DisableThreadLibraryCalls
GetProcessId
InterlockedDecrement
GlobalUnlock
GetLocaleInfoA
GlobalReAlloc
CreateEventW
EnumResourceTypesW
lstrlenA
lstrlenW
Sleep
DeleteCriticalSection
CreateThread
GetProcAddress
GetLastError
FindFirstChangeNotificationW
ExitProcess
LeaveCriticalSection
GetSystemTimeAsFileTime
InterlockedIncrement
GetCurrentProcessId
GlobalAlloc
MultiByteToWideChar
GetModuleHandleW
FindClose
WideCharToMultiByte
QueryPerformanceCounter
lstrcpynW
ResetEvent
FreeLibrary
GetThreadLocale
GetDriveTypeW
CloseHandle
FindFirstFileW
GetCurrentThreadId
GetVersionExA

shell32

SHGetDesktopFolder
SHGetPathFromIDListW
DragQueryFileW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetFileInfoW

ole32

StringFromGUID2
CoFreeUnusedLibraries
OleUninitialize
CoCreateInstance
OleInitialize
CoUninitialize
CoInitialize

avifil32

AVISaveOptions
AVIMakeCompressedStream

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

918ecf1f01aeb903332e049bdc278d12

Headers

File Characteristics

Imports

advapi32

user32

kernel32

shell32

ole32

avifil32

Sections

.text Size: 105KB - Virtual size: 105KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 71KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 124KB

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 71KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 124KB