2b41b8288fdfea0265b742886ddecd77_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b41b8288fdfea0265b742886ddecd77_JaffaCakes118
Size

204KB
MD5

2b41b8288fdfea0265b742886ddecd77
SHA1

b3e16b9c194b00ad5ea8cc973212004415395484
SHA256

1600ff5a4255a440e77dd2a6733bf355d7c519ce6a27bf82b2cd60167125e754
SHA512

1146ac7dd7d7f2a55134a359d16af995015c69facd956e4bf8ed57730fdec318c7d402cfd6d5e70872b1f31b5e3aee6e78c55f547ed2399a217c84f62d194b0c
SSDEEP

6144:JMpqjNXuR8SNZ5pm6P/oIBxibabekwc8q83:JMQheb5E6nZB81Xc8n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b41b8288fdfea0265b742886ddecd77_JaffaCakes118

Files

2b41b8288fdfea0265b742886ddecd77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab3bd5fdfd382d3ebaaa7f6cb9157159

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetWindowsHookExW
GetSysColorBrush
DrawEdge
DestroyCursor
SetWindowPos
WinHelpW
SetScrollRange
ToAscii
CallNextHookEx
RegisterClassW
ChildWindowFromPoint
MonitorFromWindow
EmptyClipboard
SetClipboardData
DefWindowProcW
DestroyIcon
IsClipboardFormatAvailable
UnhookWindowsHookEx
ClipCursor
GetSysColor

gdi32

GetBitmapBits
FlattenPath
PlgBlt
StrokePath
SetStretchBltMode
ExtCreatePen
RoundRect
PolyBezier
CreatePen
SetTextColor
GetBkColor
GetPath
CreateFontIndirectA
AnimatePalette
SetDIBits

comctl32

ImageList_Create
ImageList_Add
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Destroy

kernel32

IsDBCSLeadByte
GetSystemTime
CreateFiber
CompareStringW
SearchPathW
SetEndOfFile
LockFile
SetCommConfig
FileTimeToSystemTime
FlushFileBuffers
LocalAlloc
GetProfileStringW
UnlockFile
EnumResourceNamesW
GetFileTime
FlushFileBuffers
GetVersionExW
FileTimeToLocalFileTime
GetVolumeInformationW
VerLanguageNameW
GetUserDefaultLangID
FindResourceExA
GetFileType
GetFileAttributesA
GetSystemDirectoryW

comdlg32

GetFileTitleA

rpcrt4

RpcBindingSetAuthInfoA
RpcStringBindingComposeA
NdrClientCall
RpcBindingFromStringBindingA
RpcStringFreeA

ole32

CreateStreamOnHGlobal
CLSIDFromString
StgOpenStorageOnILockBytes
CoTaskMemFree
OleRun
CoCreateGuid
CoCreateInstance
GetHGlobalFromStream
CoFreeUnusedLibraries
StringFromCLSID
ReleaseStgMedium
OleGetAutoConvert
RevokeDragDrop
StgCreateDocfileOnILockBytes
CoGetClassObject
ProgIDFromCLSID
OleDuplicateData
OleRegGetUserType
CoTaskMemAlloc
GetHGlobalFromILockBytes
CoGetMalloc
CLSIDFromProgID
RegisterDragDrop
CreateILockBytesOnHGlobal

shlwapi

PathStripToRootW
PathIsRootW
PathCanonicalizeW
PathIsURLW
PathIsRelativeW
PathCombineW

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab3bd5fdfd382d3ebaaa7f6cb9157159

Headers

File Characteristics

Imports

user32

gdi32

comctl32

kernel32

comdlg32

rpcrt4

ole32

shlwapi

Sections

.text Size: 173KB - Virtual size: 172KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 26KB - Virtual size: 26KB

.lib Size: 512B - Virtual size: 96KB

.text
Size: 173KB - Virtual size: 172KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 26KB - Virtual size: 26KB

.lib
Size: 512B - Virtual size: 96KB