64a8349d461492f611b89bc4492f8a8d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

64a8349d461492f611b89bc4492f8a8d_JaffaCakes118
Size

204KB
MD5

64a8349d461492f611b89bc4492f8a8d
SHA1

80e5b5b668c24289b3cedb8cc4205b65ecfdcef5
SHA256

6f54f22b9467aedc8134ec296e6b23e15799548704226e2b7c2205b645433635
SHA512

fc23848bd159db762352b4ba6e1bbc1afe17c5fbe5a5f2ac8a83095dbb0c163806b7a84fd4d1847dda87b0477d68006751260dad544bc1c27957f0c8c94c7206
SSDEEP

6144:kipBU3ruvSj5snI0N5ZH5DwwhdrsEbCZu+KdNIc:3pBquRvXwohlbHJdNIc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64a8349d461492f611b89bc4492f8a8d_JaffaCakes118

Files

64a8349d461492f611b89bc4492f8a8d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e56541c6b7db3d3aa8803f3e4956f4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

ImageList_DrawEx
ImageList_GetIconSize
ImageList_Create
ImageList_Add
ImageList_Destroy

gdi32

RoundRect
SetStretchBltMode
CreateFontIndirectA
PolyBezier
AnimatePalette
StrokePath
SetTextColor
FlattenPath
GetBkColor
GetBitmapBits
CreatePen
GetPath
PlgBlt
ExtCreatePen
SetDIBits

user32

CallNextHookEx
DefWindowProcW
DrawEdge
UnhookWindowsHookEx
SetWindowPos
ClipCursor
SetClipboardData
WinHelpW
DestroyIcon
SetScrollRange
SetWindowsHookExW
IsClipboardFormatAvailable
RegisterClassW
DestroyCursor
EmptyClipboard
ToAscii
GetSysColorBrush
ChildWindowFromPoint
MonitorFromWindow
GetSysColor

ole32

GetHGlobalFromStream
OleRun
OleRegGetUserType
ReleaseStgMedium
ProgIDFromCLSID
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
GetHGlobalFromILockBytes
OleGetAutoConvert
OleDuplicateData
CLSIDFromString
CreateStreamOnHGlobal
CoGetMalloc
CoFreeUnusedLibraries
RegisterDragDrop
CLSIDFromProgID
RevokeDragDrop
CoCreateInstance
CoTaskMemFree
CoGetClassObject
CoCreateGuid
StringFromCLSID
CreateILockBytesOnHGlobal

rpcrt4

NdrClientCall
RpcBindingFromStringBindingA
RpcBindingSetAuthInfoA
RpcStringBindingComposeA
RpcStringFreeA

comdlg32

GetFileTitleA

shlwapi

PathIsURLW
PathCanonicalizeW
PathIsRootW
PathIsRelativeW
PathStripToRootW
PathCombineW

kernel32

CreateFiberEx
FileTimeToLocalFileTime
IsDBCSLeadByte
GetVersionExW
GetFileTime
FindResourceExA
SetCommConfig
UnlockFile
GetFileType
SearchPathW
VerLanguageNameW
CompareStringW
GetProfileStringW
EnumResourceNamesW
LocalAlloc
GetUserDefaultLangID
LockFile
FlushFileBuffers
FileTimeToSystemTime
SetEndOfFile
FlushFileBuffers
GetFileAttributesA
GetVolumeInformationW
GetSystemTime
GetSystemDirectoryW

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e56541c6b7db3d3aa8803f3e4956f4c

Headers

File Characteristics

Imports

comctl32

gdi32

user32

ole32

rpcrt4

comdlg32

shlwapi

kernel32

Sections

.text Size: 173KB - Virtual size: 172KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 26KB - Virtual size: 26KB

.lib Size: 512B - Virtual size: 96KB

.text
Size: 173KB - Virtual size: 172KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 26KB - Virtual size: 26KB

.lib
Size: 512B - Virtual size: 96KB