9730bc979dd962ee5e9771c2e07c08bc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9730bc979dd962ee5e9771c2e07c08bc_JaffaCakes118
Size

209KB
MD5

9730bc979dd962ee5e9771c2e07c08bc
SHA1

153df26dd2bdf25365c2be4a01e4f9cc2a1ed8fe
SHA256

1469d5779742b3db21d77dda4deecd3750725e580546f9cd10bea2d26377c496
SHA512

9f2782817581bd55f6b40ccc12357ce8b672caec3ff1de0997666b7c782548b2ac17f5c8a015855b7a41cc5997b4a5b90d244a989068cd3f393db068f9db3aa0
SSDEEP

3072:sUaNXy3Ag3dPtL2wQrnApMsGjO+VaQqlpeTK7x8a8MPKfBCm4hXNXHdaWazEJVAS:sUWi3AgNPM/AUAZUq0C5HjwuVgH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9730bc979dd962ee5e9771c2e07c08bc_JaffaCakes118

Files

9730bc979dd962ee5e9771c2e07c08bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

63dbe5c579a0661dd9029a5fb14acb6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathCanonicalizeW
PathIsRootW
PathIsRelativeW
PathStripToRootW
PathIsURLW
PathCombineW

rpcrt4

RpcBindingFromStringBindingA
NdrClientCall
RpcBindingSetAuthInfoA
RpcStringBindingComposeA
RpcStringFreeA

ole32

OleGetAutoConvert
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
CoTaskMemFree
CoGetClassObject
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CoCreateGuid
CoCreateInstance
OleDuplicateData
StringFromCLSID
RevokeDragDrop
OleRun
OleRegGetUserType
CoGetMalloc
CoFreeUnusedLibraries
RegisterDragDrop
GetHGlobalFromStream
CoTaskMemAlloc
CreateStreamOnHGlobal
ReleaseStgMedium
CLSIDFromString
ProgIDFromCLSID
CreateILockBytesOnHGlobal

comctl32

ImageList_DrawEx
ImageList_GetIconSize
ImageList_Create
ImageList_Add
ImageList_Destroy

comdlg32

GetFileTitleA

kernel32

LocalAlloc
SearchPathW
IsDBCSLeadByte
CreateFiber
GetSystemTime
WriteFileGather
FindResourceExA
FileTimeToLocalFileTime
GetProfileStringW
LockFile
UnlockFile
GetFileTime
EnumResourceNamesW
GetFileType
FileTimeToSystemTime
GetVolumeInformationW
FlushFileBuffers
GetFileAttributesA
VerLanguageNameW
CompareStringW
GetUserDefaultLangID
GetVersionExW
SetEndOfFile
FlushFileBuffers
GetSystemDirectoryW

user32

EmptyClipboard
WinHelpW
RegisterClassW
ToAscii
DestroyIcon
DefWindowProcW
CallNextHookEx
UnhookWindowsHookEx
IsClipboardFormatAvailable
ClipCursor
SetScrollRange
SetWindowsHookExW
DestroyCursor
GetSysColorBrush
SetWindowPos
DrawEdge
MonitorFromWindow
SetClipboardData
ChildWindowFromPoint
GetSysColor

Sections

.text
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63dbe5c579a0661dd9029a5fb14acb6e

Headers

File Characteristics

Imports

shlwapi

rpcrt4

ole32

comctl32

comdlg32

kernel32

user32

Sections

.text Size: 189KB - Virtual size: 188KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 15KB - Virtual size: 15KB

.lib Size: 512B - Virtual size: 92KB

.text
Size: 189KB - Virtual size: 188KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 15KB - Virtual size: 15KB

.lib
Size: 512B - Virtual size: 92KB