5b1ed0b6353895570e8fec14fc99167a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5b1ed0b6353895570e8fec14fc99167a_JaffaCakes118
Size

193KB
MD5

5b1ed0b6353895570e8fec14fc99167a
SHA1

d02ef26a5bcf9ef81f1ec1e54699133f96e5712f
SHA256

2f30b73d16dba59cbaacc7a95c6085243fcd620f39fe186a64aa8c9e38f21958
SHA512

0dc51940af1b70aca9a68b9139b0ac55ec9e9daa1fd6bb17fe9a1f826365d084160890c0103bbbefeae788b5a802261d805dc11991e2f180c4970cbbb457486a
SSDEEP

6144:Sk8ibT8QvdLIzZszJjcQLUurk8gc+3x24l:jjb31Eulfhr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b1ed0b6353895570e8fec14fc99167a_JaffaCakes118

Files

5b1ed0b6353895570e8fec14fc99167a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2a5904f7ed75ee29eafa42e72d980c9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comdlg32

GetFileTitleA

rpcrt4

RpcBindingFromStringBindingA
NdrClientCall
RpcBindingSetAuthInfoA
RpcStringBindingComposeA
RpcStringFreeA

ole32

CoGetMalloc
CoFreeUnusedLibraries
StringFromCLSID
StgOpenStorageOnILockBytes
RevokeDragDrop
CoCreateInstance
GetHGlobalFromStream
CreateStreamOnHGlobal
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
GetHGlobalFromILockBytes
OleRegGetUserType
OleGetAutoConvert
CLSIDFromProgID
CoTaskMemAlloc
CoGetClassObject
OleRun
CoTaskMemFree
ProgIDFromCLSID
StgCreateDocfileOnILockBytes
OleDuplicateData
RegisterDragDrop
CreateILockBytesOnHGlobal

user32

SetScrollRange
CallNextHookEx
ToAscii
GetSysColorBrush
EmptyClipboard
IsClipboardFormatAvailable
SetWindowsHookExW
SetClipboardData
WinHelpW
RegisterClassW
DestroyCursor
SetWindowPos
MonitorFromWindow
UnhookWindowsHookEx
ChildWindowFromPoint
DestroyIcon
DrawEdge
ClipCursor
DefWindowProcW
GetSysColor

kernel32

CreateFiber
IsDBCSLeadByte
FileTimeToLocalFileTime
UnlockFile
FlushFileBuffers
SetCommConfig
SearchPathW
GetFileTime
GetVersionExW
GetSystemTime
FindResourceExA
GetProfileStringW
EnumResourceNamesW
FileTimeToSystemTime
GetVolumeInformationW
FlushFileBuffers
SetEndOfFile
LocalAlloc
GetFileType
VerLanguageNameW
CompareStringW
GetFileAttributesA
LockFile
GetUserDefaultLangID
GetSystemDirectoryW

shlwapi

PathCanonicalizeW
PathStripToRootW
PathIsRelativeW
PathIsRootW
PathIsURLW
PathCombineW

gdi32

GetBkColor
PlgBlt
ExtCreatePen
RoundRect
FlattenPath
CreateFontIndirectA
CreatePen
GetBitmapBits
StrokePath
PolyBezier
AnimatePalette
SetTextColor
SetStretchBltMode
GetPath
SetDIBits

comctl32

ImageList_DrawEx
ImageList_GetIconSize
ImageList_Add
ImageList_Create
ImageList_Destroy

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a5904f7ed75ee29eafa42e72d980c9f

Headers

File Characteristics

Imports

comdlg32

rpcrt4

ole32

user32

kernel32

shlwapi

gdi32

comctl32

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 16KB

.lib Size: 512B - Virtual size: 216KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 16KB

.lib
Size: 512B - Virtual size: 216KB