25d1d72a16ac9a1191ae4fe4d33191eb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

25d1d72a16ac9a1191ae4fe4d33191eb_JaffaCakes118
Size

193KB
MD5

25d1d72a16ac9a1191ae4fe4d33191eb
SHA1

5dd0e31a3a4eb501b78ea426c5e3300ebe9e9bf8
SHA256

192babb5daf2c214d86009984c695fa7660eb8fa329994509264dd230ae2b86d
SHA512

8f6eccf4f141eb7bb905c5e9700cc6fd22f161ce8f0e8811b393bda3a61008ceb1e3b1bd498cbfb38ba3f45afe9d393692c2d595bede2c476f97f23abc21255e
SSDEEP

3072:QXebiNyM8ceOGd/L6Tr27tErhSAnvG6FJgztyvhobyv9Feyq+imnDXZKsz:QfivOI2+QhSANJg50KbuFeyq+imnDf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25d1d72a16ac9a1191ae4fe4d33191eb_JaffaCakes118

Files

25d1d72a16ac9a1191ae4fe4d33191eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69fb56e396bc774816fde7e06eefa8a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

CoCreateInstance
CoGetClassObject
GetHGlobalFromILockBytes
StgCreateDocfileOnILockBytes
CLSIDFromProgID
OleGetAutoConvert
ReleaseStgMedium
RegisterDragDrop
StgOpenStorageOnILockBytes
OleRun
StringFromCLSID
OleDuplicateData
CoTaskMemAlloc
CLSIDFromString
CoGetMalloc
CreateStreamOnHGlobal
OleRegGetUserType
CoCreateGuid
ProgIDFromCLSID
RevokeDragDrop
CoTaskMemFree
GetHGlobalFromStream
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal

kernel32

SearchPathW
FindResourceExA
GetVersionExW
CreateFiberEx
LockFile
SetCommConfig
SetEndOfFile
FlushFileBuffers
GetUserDefaultLangID
FileTimeToLocalFileTime
CompareStringW
EnumResourceNamesW
FileTimeToSystemTime
GetProfileStringW
UnlockFile
GetVolumeInformationW
FlushFileBuffers
GetFileTime
IsDBCSLeadByte
LocalAlloc
GetFileAttributesA
GetSystemTime
VerLanguageNameW
GetFileType
GetSystemDirectoryW

gdi32

ExtCreatePen
GetBkColor
PolyBezier
PlgBlt
StrokePath
CreatePen
SetTextColor
RoundRect
FlattenPath
CreateFontIndirectA
GetBitmapBits
GetPath
AnimatePalette
SetStretchBltMode
SetDIBits

shlwapi

PathStripToRootW
PathIsRelativeW
PathIsURLW
PathCanonicalizeW
PathIsRootW
PathCombineW

comctl32

ImageList_Add
ImageList_Create
ImageList_DrawEx
ImageList_GetIconSize
ImageList_Destroy

rpcrt4

NdrClientCall
RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcBindingSetAuthInfoA
RpcStringFreeA

comdlg32

GetFileTitleA

user32

SetWindowsHookExW
CallNextHookEx
IsClipboardFormatAvailable
SetClipboardData
MonitorFromWindow
DestroyIcon
SetScrollRange
UnhookWindowsHookEx
ClipCursor
ChildWindowFromPoint
RegisterClassW
EmptyClipboard
DrawEdge
WinHelpW
ToAscii
DestroyCursor
DefWindowProcW
SetWindowPos
GetSysColorBrush
GetSysColor

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69fb56e396bc774816fde7e06eefa8a2

Headers

File Characteristics

Imports

ole32

kernel32

gdi32

shlwapi

comctl32

rpcrt4

comdlg32

user32

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 16KB

.lib Size: 512B - Virtual size: 216KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 16KB

.lib
Size: 512B - Virtual size: 216KB