411224fc80b5ef84eb9154f5851b305d_JaffaCakes118

General

Target

411224fc80b5ef84eb9154f5851b305d_JaffaCakes118
Size

209KB
MD5

411224fc80b5ef84eb9154f5851b305d
SHA1

d0b6b1aebe61a33f3835e1d27de4cdcf23a4615b
SHA256

18d8fd7e34c21b0e2bea3726a42304063088afac8c2a3280d26872226fda3e76
SHA512

8116c8ab5beb7c5102a56a788cd246e42fa37bdf383a871dcff91e4b8f061de5538f5bb395dd1fcf393a2e1d778d2328e2f145976fcc1eeb426bcffbf4d97838
SSDEEP

6144:IEemuGYIMrvYVcMN1ffQF9QidTyL32sdXTysE:IEeBPrwpXidTYZT/E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
411224fc80b5ef84eb9154f5851b305d_JaffaCakes118

Files

411224fc80b5ef84eb9154f5851b305d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7f21f73e3c4cd85c6db9d5f070035b77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFiber
GetProfileStringW
FileTimeToLocalFileTime
GetFileTime
GetFileType
UnlockFile
TerminateProcess
SearchPathW
GetFileAttributesA
GetUserDefaultLangID
FileTimeToSystemTime
EnumResourceNamesA
GetVersionExW
CompareStringW
VerLanguageNameW
IsDBCSLeadByte
FlushFileBuffers
GetVolumeInformationW
LockFile
SetEndOfFile
GetSystemTime
FindResourceExA
FlushFileBuffers
LocalAlloc
GetSystemDirectoryW

comctl32

ImageList_DrawEx
ImageList_Add
ImageList_Create
ImageList_GetIconSize
ImageList_Destroy

user32

EmptyClipboard
WinHelpW
DrawEdge
IsClipboardFormatAvailable
SetScrollRange
ToAscii
DestroyIcon
ChildWindowFromPoint
RealGetWindowClass
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetSysColorBrush
DefWindowProcW
SetClipboardData
SetWindowPos
ClipCursor
RegisterClassW
DestroyCursor
GetSysColor

comdlg32

GetFileTitleA

rpcrt4

RpcStringBindingComposeA
NdrClientCall
RpcBindingFromStringBindingA
RpcBindingSetAuthInfoA
RpcStringFreeA

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f21f73e3c4cd85c6db9d5f070035b77

Headers

File Characteristics

Imports

kernel32

comctl32

user32

comdlg32

rpcrt4

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 14KB

.tls Size: 512B - Virtual size: 92KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 14KB

.tls
Size: 512B - Virtual size: 92KB