a104ab8bb5eeb61d2db2e00f34db80d8_JaffaCakes118

General

Target

a104ab8bb5eeb61d2db2e00f34db80d8_JaffaCakes118
Size

216KB
MD5

a104ab8bb5eeb61d2db2e00f34db80d8
SHA1

4e89e499ae2368e3b0e05a5bbb7838af2c9ce504
SHA256

48b6bce0bbd5a9e62bdaed5c580d1d841925ac748d4d9a3827634acf06449257
SHA512

515ff71fbdd7a5a69efa363b37feb46d78286c749782505d7cd6d7c816e3034d3a9a58016bd4c30a76b882d219c10ac313b791dffb728723c63fa08a8eee36df
SSDEEP

6144:IHPx9NFfLY8DHRBKKxFiZyESlNwV18WbNYcW7R1CC/:Wjn5zrKny0pbNYbb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a104ab8bb5eeb61d2db2e00f34db80d8_JaffaCakes118

Files

a104ab8bb5eeb61d2db2e00f34db80d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e338116b735e4cbc474d8996fd43ac65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

NdrClientCall
RpcBindingFromStringBindingA
RpcBindingSetAuthInfoA
RpcStringBindingComposeA
RpcStringFreeA

kernel32

CreateFiber
GetFileTime
SearchPathW
VerLanguageNameW
LockFile
UnlockFile
IsDBCSLeadByte
TerminateProcess
GetFileType
GetSystemTime
EnumResourceNamesA
GetProfileStringW
SetEndOfFile
GetVolumeInformationW
LocalAlloc
FileTimeToSystemTime
FlushFileBuffers
GetUserDefaultLangID
FileTimeToLocalFileTime
GetFileAttributesA
GetVersionExW
FindResourceExA
FlushFileBuffers
CompareStringW
GetSystemDirectoryW

comdlg32

GetFileTitleA

user32

SetClipboardData
DrawEdge
CallNextHookEx
DestroyCursor
RealGetWindowClass
SetScrollRange
SetWindowsHookExW
RegisterClassW
UnhookWindowsHookEx
SetWindowPos
ChildWindowFromPoint
WinHelpW
DefWindowProcW
ClipCursor
IsClipboardFormatAvailable
EmptyClipboard
ToAscii
DestroyIcon
GetSysColorBrush
GetSysColor

Sections

.text
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e338116b735e4cbc474d8996fd43ac65

Headers

File Characteristics

Imports

rpcrt4

kernel32

comdlg32

user32

Sections

.text Size: 195KB - Virtual size: 195KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 17KB - Virtual size: 16KB

.tls Size: 512B - Virtual size: 92KB

.text
Size: 195KB - Virtual size: 195KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 16KB

.tls
Size: 512B - Virtual size: 92KB