961bd28a37433d1cf6cedd3ad7764528_JaffaCakes118

General

Target

961bd28a37433d1cf6cedd3ad7764528_JaffaCakes118
Size

191KB
MD5

961bd28a37433d1cf6cedd3ad7764528
SHA1

d211d65b44e3d9c4c2b0dcbb99b4a8247404fae2
SHA256

0bfd6f72b313a0c54d7098d7538e4b4fe1c487ef5b660b80c636ae9429dc31c5
SHA512

a143785c015f59a33fbbb509aadf0e3613601fcc57c25be4212935e3b7e56526a2579fea1ff844f9f65f2a7a94da516a10fbfd31c261af6f902e5f910b9a3196
SSDEEP

3072:80wcE94Ymy4c0jhlLNYkiyDhjtYFQFKox3OdLOvmB9TMIwsnHr/TvsICnFX:ZY9lmyajjZYspY0OdLOvmBKiLvsICx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
961bd28a37433d1cf6cedd3ad7764528_JaffaCakes118

Files

961bd28a37433d1cf6cedd3ad7764528_JaffaCakes118
.exe windows:4 windows x86 arch:x86

581a0294f2574a61c549ebef6ba0a54d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetVolumeInformationW
CreateFiber
GetProfileStringW
GetVersionExW
LockFile
FindResourceExA
TerminateProcess
FileTimeToSystemTime
GetFileTime
GetSystemTime
EnumResourceNamesA
CompareStringW
IsDBCSLeadByte
LocalAlloc
UnlockFile
SetEndOfFile
GetUserDefaultLangID
FlushFileBuffers
FileTimeToLocalFileTime
GetFileAttributesA
SearchPathW
GetFileType
VerLanguageNameW
FlushFileBuffers
GetSystemDirectoryW

user32

DefWindowProcW
ToAscii
DestroyCursor
ChildWindowFromPoint
SetClipboardData
UnhookWindowsHookEx
DrawEdge
GetSysColorBrush
SetWindowsHookExW
RealGetWindowClass
IsClipboardFormatAvailable
SetScrollRange
RegisterClassW
ClipCursor
CallNextHookEx
DestroyIcon
SetWindowPos
EmptyClipboard
WinHelpW
GetSysColor

rpcrt4

RpcStringBindingComposeA
RpcBindingFromStringBindingA
NdrClientCall
RpcBindingSetAuthInfoA
RpcStringFreeA

comdlg32

GetFileTitleA

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

581a0294f2574a61c549ebef6ba0a54d

Headers

File Characteristics

Imports

kernel32

user32

rpcrt4

comdlg32

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 23KB

.tls Size: 512B - Virtual size: 88KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 23KB

.tls
Size: 512B - Virtual size: 88KB