691f4e90e85c5a7198e5014659a49833_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

691f4e90e85c5a7198e5014659a49833_JaffaCakes118
Size

204KB
MD5

691f4e90e85c5a7198e5014659a49833
SHA1

ded13af743432441f94d4099ba4ef15f9d53d394
SHA256

9741c21744e9d92bc809ab6968859b4dc4ad0c762746d99b81ce3a62e303f782
SHA512

62361e2fee571be84142ec9f358134196ef27d7817f84b90e4ad2ae4b245aea685c9178c2a10709bdeee469dc5763c2352c616049b2c997ac6646bb84eca9bfd
SSDEEP

6144:ubM8o2Cs/Lg025dcNg7ZgcLAUgw6YT6slJ2T9zY:6MQC/0f4ycLpP6dkIT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
691f4e90e85c5a7198e5014659a49833_JaffaCakes118

Files

691f4e90e85c5a7198e5014659a49833_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d99c0ac0012ce924046117f4e89705d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

ImageList_DrawEx
ImageList_Add
ImageList_Create
ImageList_GetIconSize
ImageList_Destroy

user32

ClipCursor
SetWindowPos
UnhookWindowsHookEx
DefWindowProcW
GetSysColorBrush
RegisterClassW
CallNextHookEx
WinHelpW
SetClipboardData
DestroyCursor
ToAscii
SetScrollRange
MonitorFromWindow
SetWindowsHookExW
EmptyClipboard
DrawEdge
IsClipboardFormatAvailable
DestroyIcon
ChildWindowFromPoint
GetSysColor

kernel32

SearchPathW
CreateFiber
GetProfileStringW
CompareStringW
UnlockFile
GetFileAttributesA
SetCommConfig
GetVolumeInformationW
VerLanguageNameW
LocalAlloc
EnumResourceNamesW
GetFileTime
LockFile
FileTimeToSystemTime
FileTimeToLocalFileTime
SetEndOfFile
GetVersionExW
FlushFileBuffers
GetFileType
GetUserDefaultLangID
IsDBCSLeadByte
GetSystemTime
FlushFileBuffers
FindResourceExA
GetSystemDirectoryW

rpcrt4

RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcBindingSetAuthInfoA
NdrClientCall
RpcStringFreeA

gdi32

GetBitmapBits
CreateFontIndirectA
GetBkColor
AnimatePalette
FlattenPath
PolyBezier
GetPath
RoundRect
SetTextColor
StrokePath
CreatePen
ExtCreatePen
SetStretchBltMode
PlgBlt
SetDIBits

ole32

CoFreeUnusedLibraries
CLSIDFromString
StgOpenStorageOnILockBytes
OleRegGetUserType
CoCreateInstance
CreateStreamOnHGlobal
ProgIDFromCLSID
OleRun
CoTaskMemFree
OleDuplicateData
StringFromCLSID
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
RegisterDragDrop
CLSIDFromProgID
GetHGlobalFromStream
OleGetAutoConvert
CoCreateGuid
GetHGlobalFromILockBytes
ReleaseStgMedium
RevokeDragDrop
CoGetClassObject
CoGetMalloc
CreateILockBytesOnHGlobal

comdlg32

GetFileTitleA

shlwapi

PathIsURLW
PathStripToRootW
PathIsRelativeW
PathCanonicalizeW
PathIsRootW
PathCombineW

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d99c0ac0012ce924046117f4e89705d5

Headers

File Characteristics

Imports

comctl32

user32

kernel32

rpcrt4

gdi32

ole32

comdlg32

shlwapi

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 27KB - Virtual size: 27KB

.lib Size: 512B - Virtual size: 100KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 27KB - Virtual size: 27KB

.lib
Size: 512B - Virtual size: 100KB