39f6a83148ecd46758265848bc912474_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

39f6a83148ecd46758265848bc912474_JaffaCakes118
Size

198KB
MD5

39f6a83148ecd46758265848bc912474
SHA1

a51881628a2fd8d3e11972004f58749b9ddde1ab
SHA256

996dd5b62861821693ed31d06f800b2ab2809b071ec95a1a0d9eb32568dba14b
SHA512

ada2fe0f8f3a185fca51af6c9f1cb3e692e2b437afd5e9118468fbb18a3fa425c0c4e4cf31af7bdf74e116d6d469bb616a8a1630f9adbfe9d018fd4e93b37f5d
SSDEEP

6144:6wgrKbVXfLqRj1VqjPXXbmouyZvzkjtMXCV:6p2bVXeJaXe0vzktJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39f6a83148ecd46758265848bc912474_JaffaCakes118

Files

39f6a83148ecd46758265848bc912474_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e6edba4ab79c71eb43f1a133e4d10cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
NdrClientCall
RpcStringFreeA

shlwapi

PathIsRootW
PathCanonicalizeW
PathStripToRootW
PathIsURLW
PathIsRelativeW
PathCombineW

user32

DefWindowProcW
SetWindowPos
DestroyCursor
CallNextHookEx
ClipCursor
IsClipboardFormatAvailable
SetScrollRange
SetWindowsHookExW
SetClipboardData
GetSysColorBrush
WinHelpW
ToAscii
UnhookWindowsHookEx
MonitorFromWindow
RegisterClassW
DrawEdge
DestroyIcon
EmptyClipboard
ChildWindowFromPoint
GetSysColor

comdlg32

GetFileTitleA

gdi32

GetBkColor
SetTextColor
CreatePen
GetBitmapBits
PolyBezier
StrokePath
SetStretchBltMode
RoundRect
PlgBlt
ExtCreatePen
CreateFontIndirectA
FlattenPath
AnimatePalette
GetPath
SetDIBits

comctl32

ImageList_DrawEx
ImageList_GetIconSize
ImageList_Create
ImageList_Add
ImageList_Destroy

ole32

GetHGlobalFromILockBytes
RegisterDragDrop
OleRun
CLSIDFromProgID
OleDuplicateData
ReleaseStgMedium
CoFreeUnusedLibraries
CoGetMalloc
CoGetClassObject
StgOpenStorageOnILockBytes
OleGetAutoConvert
RevokeDragDrop
ProgIDFromCLSID
OleRegGetUserType
CoTaskMemFree
StringFromCLSID
CoCreateGuid
CLSIDFromString
GetHGlobalFromStream
StgCreateDocfileOnILockBytes
CoCreateInstance
CoTaskMemAlloc
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal

kernel32

CreateFiber
LockFile
GetProfileStringW
SetEndOfFile
GetVolumeInformationW
IsDBCSLeadByte
GetVersionExW
LocalAlloc
SetCommConfig
GetFileTime
EnumResourceNamesW
SearchPathW
FlushFileBuffers
UnlockFile
VerLanguageNameW
CompareStringW
FlushFileBuffers
FileTimeToLocalFileTime
FindResourceExA
GetUserDefaultLangID
FileTimeToSystemTime
GetFileAttributesA
GetSystemTime
GetFileType
GetSystemDirectoryW

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e6edba4ab79c71eb43f1a133e4d10cf

Headers

File Characteristics

Imports

rpcrt4

shlwapi

user32

comdlg32

gdi32

comctl32

ole32

kernel32

Sections

.text Size: 178KB - Virtual size: 178KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 15KB - Virtual size: 14KB

.lib Size: 512B - Virtual size: 352KB

.text
Size: 178KB - Virtual size: 178KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 15KB - Virtual size: 14KB

.lib
Size: 512B - Virtual size: 352KB