4a84a2c08a8cb1a159ebc194bba72a09_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a84a2c08a8cb1a159ebc194bba72a09_JaffaCakes118
Size

190KB
MD5

4a84a2c08a8cb1a159ebc194bba72a09
SHA1

575b680cb764cd04027008ca40133f51a6d89956
SHA256

28781089092dc3e7e9f1f8a7abd90ed19169951efc83412d62f99c5eaaaedc53
SHA512

ee8e23d11c3bb7696b964a4cde098187d8f0b9ae0fdba0d063bf7a7a70c203b14af3e5f8faf2e11dc9afe08ec26d779b1e0063edecb3197f76fda77d4fdcbe40
SSDEEP

3072:bchxq7dxJiMR6cfFq0a5B848PZSUPSG1jH9IBaNqrc94i/ocHoHx7J57o:bc305iMDda5BDOZSU6QjHFZ94MC7nc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a84a2c08a8cb1a159ebc194bba72a09_JaffaCakes118

Files

4a84a2c08a8cb1a159ebc194bba72a09_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32e33d870a81977ee52f4a46c30aae0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comdlg32

GetFileTitleA

gdi32

SetTextColor
CreateFontIndirectA
RoundRect
GetBkColor
AnimatePalette
SetStretchBltMode
CreatePen
PolyBezier
ExtCreatePen
FlattenPath
GetPath
PlgBlt
GetBitmapBits
StrokePath
SetDIBits

user32

IsClipboardFormatAvailable
CallNextHookEx
RegisterClassW
EmptyClipboard
ClipCursor
SetScrollRange
DestroyCursor
SetClipboardData
SetWindowsHookExW
UnhookWindowsHookEx
DefWindowProcW
DestroyIcon
WinHelpW
DrawEdge
GetSysColorBrush
ChildWindowFromPoint
SetWindowPos
MonitorFromWindow
ToAscii
GetSysColor

shlwapi

PathIsRootW
PathIsURLW
PathCanonicalizeW
PathIsRelativeW
PathStripToRootW
PathCombineW

ole32

OleGetAutoConvert
StgOpenStorageOnILockBytes
GetHGlobalFromStream
CLSIDFromString
StringFromCLSID
CoGetClassObject
CoGetMalloc
ProgIDFromCLSID
OleDuplicateData
OleRegGetUserType
RegisterDragDrop
StgCreateDocfileOnILockBytes
GetHGlobalFromILockBytes
CoTaskMemFree
OleRun
RevokeDragDrop
CoTaskMemAlloc
CoCreateGuid
ReleaseStgMedium
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CLSIDFromProgID
CoCreateInstance
CreateILockBytesOnHGlobal

comctl32

ImageList_DrawEx
ImageList_GetIconSize
ImageList_Create
ImageList_Add
ImageList_Destroy

kernel32

GetFileType
FileTimeToLocalFileTime
FindResourceExA
CreateFiber
GetVolumeInformationW
LockFile
SetCommConfig
IsDBCSLeadByte
FlushFileBuffers
SetEndOfFile
GetFileTime
EnumResourceNamesW
GetVersionExW
GetFileAttributesA
FlushFileBuffers
GetUserDefaultLangID
GetSystemTime
UnlockFile
SearchPathW
CompareStringW
GetProfileStringW
LocalAlloc
VerLanguageNameW
FileTimeToSystemTime
GetSystemDirectoryW

rpcrt4

RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
RpcStringBindingComposeA
NdrClientCall
RpcStringFreeA

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32e33d870a81977ee52f4a46c30aae0e

Headers

File Characteristics

Imports

comdlg32

gdi32

user32

shlwapi

ole32

comctl32

kernel32

rpcrt4

Sections

.text Size: 161KB - Virtual size: 160KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 25KB - Virtual size: 24KB

.lib Size: 512B - Virtual size: 220KB

.text
Size: 161KB - Virtual size: 160KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 25KB - Virtual size: 24KB

.lib
Size: 512B - Virtual size: 220KB