16b38c067c807c684d1779abf65b0019_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16b38c067c807c684d1779abf65b0019_JaffaCakes118
Size

181KB
MD5

16b38c067c807c684d1779abf65b0019
SHA1

340803138ad05dddaead6494372878dcf0fa7621
SHA256

146a12be0fb5db0fb682910795b113d2dc324b937e30f684366c2ace3e4377f0
SHA512

3db7e47a309e7b733280e78e58032985a0a116abf0c50a73cd418fbcfa43fe9e3e2bd5b68a4966d4a3cfa49321dfc5b60a1549339fef410e1b49cae4229a1aec
SSDEEP

3072:iIPiMLTcXg4sPhZXUge7uFl/8e2nUSHr9PtzEwjdCX5rW0aRtIV8WfRiUB:JrAwDUgke2nHL9ewjdCXsRtuX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16b38c067c807c684d1779abf65b0019_JaffaCakes118

Files

16b38c067c807c684d1779abf65b0019_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fecbe5c89ee42017e1b9438d8b990de7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

AnimatePalette
SetStretchBltMode
GetPath
CreatePen
CreateFontIndirectA
PolyBezier
FlattenPath
GetBkColor
GetBitmapBits
ExtCreatePen
StrokePath
PlgBlt
RoundRect
SetTextColor
SetDIBits

user32

CallNextHookEx
ChildWindowFromPoint
EmptyClipboard
GetSysColorBrush
DestroyCursor
ClipCursor
MonitorFromWindow
ToAscii
DestroyIcon
WinHelpW
IsClipboardFormatAvailable
SetClipboardData
SetScrollRange
UnhookWindowsHookEx
SetWindowPos
SetWindowsHookExW
DrawEdge
DefWindowProcW
RegisterClassW
GetSysColor

comdlg32

GetFileTitleA

ole32

StringFromCLSID
RegisterDragDrop
CoFreeUnusedLibraries
RevokeDragDrop
ReleaseStgMedium
CLSIDFromProgID
CoGetClassObject
StgCreateDocfileOnILockBytes
CLSIDFromString
OleDuplicateData
GetHGlobalFromILockBytes
CoTaskMemAlloc
CoGetMalloc
CoCreateInstance
CoCreateGuid
ProgIDFromCLSID
GetHGlobalFromStream
StgOpenStorageOnILockBytes
OleGetAutoConvert
OleRun
CreateStreamOnHGlobal
OleRegGetUserType
CoTaskMemFree
CreateILockBytesOnHGlobal

kernel32

GetProfileStringW
IsDBCSLeadByte
GetVolumeInformationW
CreateFiber
LocalAlloc
SetEndOfFile
SetCommConfig
FileTimeToLocalFileTime
SearchPathW
GetFileType
GetFileAttributesA
FileTimeToSystemTime
EnumResourceNamesW
GetSystemTime
UnlockFile
LockFile
FlushFileBuffers
FlushFileBuffers
CompareStringW
FindResourceExA
GetUserDefaultLangID
VerLanguageNameW
GetVersionExW
GetFileTime
GetSystemDirectoryW

comctl32

ImageList_Add
ImageList_DrawEx
ImageList_Create
ImageList_GetIconSize
ImageList_Destroy

rpcrt4

NdrClientCall
RpcBindingSetAuthInfoA
RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcStringFreeA

shlwapi

PathStripToRootW
PathIsRelativeW
PathIsRootW
PathIsURLW
PathCanonicalizeW
PathCombineW

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fecbe5c89ee42017e1b9438d8b990de7

Headers

File Characteristics

Imports

gdi32

user32

comdlg32

ole32

kernel32

comctl32

rpcrt4

shlwapi

Sections

.text Size: 157KB - Virtual size: 157KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 19KB - Virtual size: 19KB

.lib Size: 512B - Virtual size: 76KB

.text
Size: 157KB - Virtual size: 157KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 19KB - Virtual size: 19KB

.lib
Size: 512B - Virtual size: 76KB