8932f025a34a4f2fe66e3e8a4ad453d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8932f025a34a4f2fe66e3e8a4ad453d3_JaffaCakes118
Size

183KB
MD5

8932f025a34a4f2fe66e3e8a4ad453d3
SHA1

e8d11c368bbcc3e9188a6809132d3b6ddd7e5081
SHA256

617c67ce55780a6c75356108d64b57a2155b896ef74d6d1907bb74b517e5dcf3
SHA512

346528220239f9ce33828d46a2e02759486459a508130c92b3150176c0a6e3a7786ec5c6e1171f6c73ae42c3e83fe02b27569bd1799caa5861074f2326a2947c
SSDEEP

3072:XMeSoJ0KNtudTU0WK4s6T7U3/zOnI+qV5KkNqkGrIxXaHkFSwpeVe0p2A:HaKmU03h6vrIJVPnG4TSrVWA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8932f025a34a4f2fe66e3e8a4ad453d3_JaffaCakes118

Files

8932f025a34a4f2fe66e3e8a4ad453d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

088919b332c70d7d5309a6089fd27767

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

ImageList_GetIconSize
ImageList_Create
ImageList_DrawEx
ImageList_Add
ImageList_Destroy

rpcrt4

NdrClientCall
RpcBindingFromStringBindingA
RpcBindingSetAuthInfoA
RpcStringBindingComposeA
RpcStringFreeA

shlwapi

PathStripToRootW
PathIsURLW
PathCanonicalizeW
PathIsRootW
PathIsRelativeW
PathCombineW

ole32

CoGetClassObject
ReleaseStgMedium
CoTaskMemFree
CoGetMalloc
GetHGlobalFromILockBytes
GetHGlobalFromStream
ProgIDFromCLSID
OleDuplicateData
CoTaskMemAlloc
CreateStreamOnHGlobal
CoCreateInstance
RegisterDragDrop
CoCreateGuid
OleGetAutoConvert
StgOpenStorageOnILockBytes
CLSIDFromProgID
CLSIDFromString
RevokeDragDrop
CoFreeUnusedLibraries
StringFromCLSID
StgCreateDocfileOnILockBytes
OleRun
OleRegGetUserType
CreateILockBytesOnHGlobal

comdlg32

GetFileTitleA

kernel32

CreateFiber
SearchPathW
FlushFileBuffers
IsDBCSLeadByte
GetProfileStringW
GetUserDefaultLangID
SetCommConfig
CompareStringW
LockFile
GetVersionExW
UnlockFile
FileTimeToSystemTime
EnumResourceNamesW
GetVolumeInformationW
FileTimeToLocalFileTime
FlushFileBuffers
GetFileTime
VerLanguageNameW
FindResourceExA
GetSystemTime
LocalAlloc
SetEndOfFile
GetFileAttributesA
GetFileType
GetSystemDirectoryW

gdi32

PolyBezier
GetBitmapBits
PlgBlt
ExtCreatePen
StrokePath
AnimatePalette
GetBkColor
FlattenPath
CreateFontIndirectA
SetStretchBltMode
SetTextColor
CreatePen
RoundRect
GetPath
SetDIBits

user32

GetSysColorBrush
MonitorFromWindow
UnhookWindowsHookEx
ToAscii
DestroyCursor
EmptyClipboard
SetWindowsHookExW
IsClipboardFormatAvailable
SetClipboardData
RegisterClassW
SetScrollRange
ClipCursor
SetWindowPos
WinHelpW
ChildWindowFromPoint
DefWindowProcW
CallNextHookEx
DrawEdge
DestroyIcon
GetSysColor

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

088919b332c70d7d5309a6089fd27767

Headers

File Characteristics

Imports

comctl32

rpcrt4

shlwapi

ole32

comdlg32

kernel32

gdi32

user32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 23KB - Virtual size: 22KB

.lib Size: 512B - Virtual size: 80KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 23KB - Virtual size: 22KB

.lib
Size: 512B - Virtual size: 80KB