4b68f083437bf4d126fd412cca2bf85d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b68f083437bf4d126fd412cca2bf85d_JaffaCakes118
Size

193KB
MD5

4b68f083437bf4d126fd412cca2bf85d
SHA1

474dfa2702624da42add189d35d52c1f7b55a180
SHA256

6cecdbf239f0ef67f7099d222b9f8730c4b2cf0e1772bdbd3a45be65879a23a8
SHA512

766911610394dab36015d57a4e0157fa966efb11329925237757a071060c588479d01a5c67652c26f2d329498dfc5bb7524eed8034c00dedfe62988d2ed07d6b
SSDEEP

6144:Sk8ibT8QvdLIzZszJjcQLUurk8gc+3x24l:jjb31Eulfhr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b68f083437bf4d126fd412cca2bf85d_JaffaCakes118

Files

4b68f083437bf4d126fd412cca2bf85d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2a5904f7ed75ee29eafa42e72d980c9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comdlg32

GetFileTitleA

rpcrt4

RpcBindingFromStringBindingA
NdrClientCall
RpcBindingSetAuthInfoA
RpcStringBindingComposeA
RpcStringFreeA

ole32

CoGetMalloc
CoFreeUnusedLibraries
StringFromCLSID
StgOpenStorageOnILockBytes
RevokeDragDrop
CoCreateInstance
GetHGlobalFromStream
CreateStreamOnHGlobal
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
GetHGlobalFromILockBytes
OleRegGetUserType
OleGetAutoConvert
CLSIDFromProgID
CoTaskMemAlloc
CoGetClassObject
OleRun
CoTaskMemFree
ProgIDFromCLSID
StgCreateDocfileOnILockBytes
OleDuplicateData
RegisterDragDrop
CreateILockBytesOnHGlobal

user32

SetScrollRange
CallNextHookEx
ToAscii
GetSysColorBrush
EmptyClipboard
IsClipboardFormatAvailable
SetWindowsHookExW
SetClipboardData
WinHelpW
RegisterClassW
DestroyCursor
SetWindowPos
MonitorFromWindow
UnhookWindowsHookEx
ChildWindowFromPoint
DestroyIcon
DrawEdge
ClipCursor
DefWindowProcW
GetSysColor

kernel32

CreateFiber
IsDBCSLeadByte
FileTimeToLocalFileTime
UnlockFile
FlushFileBuffers
SetCommConfig
SearchPathW
GetFileTime
GetVersionExW
GetSystemTime
FindResourceExA
GetProfileStringW
EnumResourceNamesW
FileTimeToSystemTime
GetVolumeInformationW
FlushFileBuffers
SetEndOfFile
LocalAlloc
GetFileType
VerLanguageNameW
CompareStringW
GetFileAttributesA
LockFile
GetUserDefaultLangID
GetSystemDirectoryW

shlwapi

PathCanonicalizeW
PathStripToRootW
PathIsRelativeW
PathIsRootW
PathIsURLW
PathCombineW

gdi32

GetBkColor
PlgBlt
ExtCreatePen
RoundRect
FlattenPath
CreateFontIndirectA
CreatePen
GetBitmapBits
StrokePath
PolyBezier
AnimatePalette
SetTextColor
SetStretchBltMode
GetPath
SetDIBits

comctl32

ImageList_DrawEx
ImageList_GetIconSize
ImageList_Add
ImageList_Create
ImageList_Destroy

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a5904f7ed75ee29eafa42e72d980c9f

Headers

File Characteristics

Imports

comdlg32

rpcrt4

ole32

user32

kernel32

shlwapi

gdi32

comctl32

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 16KB

.lib Size: 512B - Virtual size: 216KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 16KB

.lib
Size: 512B - Virtual size: 216KB