2aab431a3bb602df5d9d14caaf632955_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2aab431a3bb602df5d9d14caaf632955_JaffaCakes118
Size

197KB
MD5

2aab431a3bb602df5d9d14caaf632955
SHA1

33f932774aeb726034681ba223882d568147cb99
SHA256

c89a4b46a1283d9193b2becb3d7f191771766b8080d164cead53c02474b51a36
SHA512

a3b4184626fa90525c81bc4bbbb011821a5adc6fbf86a77f47ec72dded0d01fd3b724799580d731c5fb5a4515e04ed90b5a91b117dfcdbf52ee160feeeba0292
SSDEEP

3072:CzWGLhNMqW+7bgUh+rQO8JFIrbzGYzcnqkGdWON2v1BbqtX:CzWG1NMSbD2QOiFIrvLcNhF1Bm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aab431a3bb602df5d9d14caaf632955_JaffaCakes118

Files

2aab431a3bb602df5d9d14caaf632955_JaffaCakes118
.exe windows:4 windows x86 arch:x86

59adc491f3839a36d5e5a0769060e320

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

NdrClientCall
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
RpcStringFreeA

comdlg32

GetFileTitleA

shlwapi

PathCanonicalizeW
PathIsRootW
PathIsURLW
PathIsRelativeW
PathStripToRootW
PathCombineW

kernel32

GetSystemTime
GetProfileStringW
CreateFiberEx
GetUserDefaultLangID
GetVersionExW
IsDBCSLeadByte
GetFileTime
SearchPathW
SetCommConfig
GetFileType
CompareStringW
FileTimeToSystemTime
EnumResourceNamesW
VerLanguageNameW
FileTimeToLocalFileTime
FlushFileBuffers
LocalAlloc
SetEndOfFile
GetFileAttributesA
UnlockFile
FlushFileBuffers
FindResourceExA
GetVolumeInformationW
LockFile
GetSystemDirectoryW

comctl32

ImageList_Add
ImageList_Create
ImageList_DrawEx
ImageList_GetIconSize
ImageList_Destroy

gdi32

SetTextColor
FlattenPath
SetStretchBltMode
GetBkColor
RoundRect
ExtCreatePen
AnimatePalette
GetBitmapBits
PlgBlt
StrokePath
GetPath
CreatePen
PolyBezier
CreateFontIndirectA
SetDIBits

user32

ChildWindowFromPoint
SetWindowsHookExW
MonitorFromWindow
SetClipboardData
DestroyCursor
UnhookWindowsHookEx
SetScrollRange
DefWindowProcW
CallNextHookEx
SetWindowPos
ToAscii
GetSysColorBrush
DestroyIcon
WinHelpW
ClipCursor
EmptyClipboard
DrawEdge
RegisterClassW
IsClipboardFormatAvailable
GetSysColor

ole32

CoCreateGuid
CoTaskMemFree
CLSIDFromProgID
OleRegGetUserType
RegisterDragDrop
ProgIDFromCLSID
CoGetMalloc
GetHGlobalFromStream
CreateStreamOnHGlobal
CLSIDFromString
StringFromCLSID
StgCreateDocfileOnILockBytes
RevokeDragDrop
CoGetClassObject
OleGetAutoConvert
CoFreeUnusedLibraries
OleDuplicateData
GetHGlobalFromILockBytes
ReleaseStgMedium
StgOpenStorageOnILockBytes
OleRun
CoCreateInstance
CoTaskMemAlloc
CreateILockBytesOnHGlobal

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59adc491f3839a36d5e5a0769060e320

Headers

File Characteristics

Imports

rpcrt4

comdlg32

shlwapi

kernel32

comctl32

gdi32

user32

ole32

Sections

.text Size: 175KB - Virtual size: 175KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 17KB - Virtual size: 16KB

.lib Size: 512B - Virtual size: 352KB

.text
Size: 175KB - Virtual size: 175KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 17KB - Virtual size: 16KB

.lib
Size: 512B - Virtual size: 352KB