34e3e728a191b5a57829ed86046e298e_JaffaCakes118

General

Target

34e3e728a191b5a57829ed86046e298e_JaffaCakes118
Size

202KB
MD5

34e3e728a191b5a57829ed86046e298e
SHA1

413c338aa5c8325a750a3d556fad82c1af47f5d4
SHA256

73e59bac3ddf35bce18348225a2acdf5615d26e2f11cc64aefecacb0199650cb
SHA512

9ef83891bd8daa69fd374e8a6b669449f63ce27b08c9f27bf288e99131703b829a211215efced598e21f69b6c2f8d3044147a777d07dda64c03b05429a223d92
SSDEEP

6144:4dp53qjSUef+y1ODB5qMD9ZIwG8f0wCREH:4f53qjSUefJ8dJDzIvRE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34e3e728a191b5a57829ed86046e298e_JaffaCakes118

Files

34e3e728a191b5a57829ed86046e298e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

85109ed7b9ec92f777834c6f30e03688

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

RpcBindingFromStringBindingA
RpcStringBindingComposeA
NdrClientCall
RpcBindingSetAuthInfoA
RpcStringFreeA

kernel32

LocalAlloc
CreateFiber
SearchPathW
GetUserDefaultLangID
FlushFileBuffers
FileTimeToSystemTime
GetFileType
TerminateProcess
SetEndOfFile
UnlockFile
FileTimeToLocalFileTime
EnumResourceNamesA
GetSystemTime
GetFileTime
GetVersionExW
GetFileAttributesA
FlushFileBuffers
FindResourceExA
CompareStringW
IsDBCSLeadByte
LockFile
VerLanguageNameW
GetProfileStringW
GetVolumeInformationW
GetSystemDirectoryW

comdlg32

GetFileTitleA

user32

DestroyCursor
UnhookWindowsHookEx
DefWindowProcW
DestroyIcon
RegisterClassW
CallNextHookEx
WinHelpW
ChildWindowFromPoint
DrawEdge
GetSysColorBrush
ToAscii
SetWindowPos
SetScrollRange
SetWindowsHookExW
ClipCursor
IsClipboardFormatAvailable
RealGetWindowClass
EmptyClipboard
SetClipboardData
GetSysColor

Sections

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85109ed7b9ec92f777834c6f30e03688

Headers

File Characteristics

Imports

rpcrt4

kernel32

comdlg32

user32

Sections

.text Size: 176KB - Virtual size: 176KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 22KB - Virtual size: 22KB

.tls Size: 512B - Virtual size: 352KB

.text
Size: 176KB - Virtual size: 176KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 22KB - Virtual size: 22KB

.tls
Size: 512B - Virtual size: 352KB