8bde5a4b3d60091d805186357127c5a7_JaffaCakes118

General

Target

8bde5a4b3d60091d805186357127c5a7_JaffaCakes118
Size

201KB
MD5

8bde5a4b3d60091d805186357127c5a7
SHA1

13ae345cf2bfe82d0126b8ebbe9432752a4227f8
SHA256

a57914a9917f645a144796aed686e31270349b5d33ccfd0411c26f9b3ddaffc0
SHA512

4a026e5068e3ff439330c60f9e6e1716e2ac8d5cf469896487665b1072ef81878d6ce7f4fb1638be78f9ecc909d1c56e61dc36f970f69aa35f809f157259f7ce
SSDEEP

6144:GsRzmIqhUaNhwva5JR7TNiu8fprgOCbDhp/fT2:GkzmIqhZnC+nYu81gR/fS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bde5a4b3d60091d805186357127c5a7_JaffaCakes118

Files

8bde5a4b3d60091d805186357127c5a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41643007e16aef5da9fc4f60290f988d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetVolumeInformationW
UnlockFile
GetFileType
CreateFiber
GetUserDefaultLangID
LocalAlloc
TerminateProcess
VerLanguageNameW
FileTimeToLocalFileTime
IsDBCSLeadByte
GetProfileStringW
GetVersionExW
EnumResourceNamesA
CompareStringW
FlushFileBuffers
GetFileAttributesA
GetSystemTime
LockFile
GetFileTime
FindResourceExA
SetEndOfFile
FlushFileBuffers
SearchPathW
FileTimeToSystemTime
GetSystemDirectoryW

user32

GetSysColorBrush
DefWindowProcW
ToAscii
DrawEdge
SetWindowsHookExW
SetClipboardData
IsClipboardFormatAvailable
SetWindowPos
DestroyIcon
RealGetWindowClass
UnhookWindowsHookEx
ClipCursor
DestroyCursor
WinHelpW
RegisterClassW
EmptyClipboard
ChildWindowFromPoint
SetScrollRange
CallNextHookEx
GetSysColor

comdlg32

GetFileTitleA

rpcrt4

RpcBindingSetAuthInfoA
NdrClientCall
RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcStringFreeA

Sections

.text
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41643007e16aef5da9fc4f60290f988d

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

rpcrt4

Sections

.text Size: 181KB - Virtual size: 180KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 16KB - Virtual size: 16KB

.tls Size: 512B - Virtual size: 216KB

.text
Size: 181KB - Virtual size: 180KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 16KB - Virtual size: 16KB

.tls
Size: 512B - Virtual size: 216KB