aced2d0739d3645afb629736ef8105de_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

aced2d0739d3645afb629736ef8105de_JaffaCakes118
Size

206KB
MD5

aced2d0739d3645afb629736ef8105de
SHA1

03799f4ba90339d7caaee2a8e1cbb796639bee6b
SHA256

4726e16da7bd0faa7c5f98a1d71ccd0d64a8f959b0540a64d84a6443a033cdf6
SHA512

bf786c7bb23b3b579d0850892e5d0e8c441f6131298e16e3db58269ab2e17e05ef5a4636b623099f113888e468cf8e65faffd46ee98b62d6a291247e2eb9f548
SSDEEP

6144:YsnMW6/fNN5/tk1SV5aYjp18gzs8Oc1Lqs+snl:Ysn/6/fR3VxjPHOyLqs/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aced2d0739d3645afb629736ef8105de_JaffaCakes118

Files

aced2d0739d3645afb629736ef8105de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a8b30ddb61000097bc22ff49a66409c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
NdrClientCall
RpcStringFreeA

comctl32

ImageList_Create
ImageList_GetIconSize
ImageList_Add
ImageList_DrawEx
ImageList_Destroy

kernel32

CompareStringW
CreateFiber
GetFileAttributesA
GetUserDefaultLangID
FileTimeToLocalFileTime
GetSystemTime
SearchPathW
SetCommConfig
VerLanguageNameW
UnlockFile
FlushFileBuffers
EnumResourceNamesW
LocalAlloc
GetFileType
IsDBCSLeadByte
FlushFileBuffers
GetProfileStringW
GetVolumeInformationW
LockFile
SetEndOfFile
GetVersionExW
GetFileTime
FindResourceExA
FileTimeToSystemTime
GetSystemDirectoryW

comdlg32

GetFileTitleA

user32

WinHelpW
UnhookWindowsHookEx
ToAscii
DefWindowProcW
DrawEdge
DestroyCursor
EmptyClipboard
SetClipboardData
ChildWindowFromPoint
DestroyIcon
SetScrollRange
IsClipboardFormatAvailable
GetSysColorBrush
ClipCursor
RegisterClassW
MonitorFromWindow
SetWindowPos
SetWindowsHookExW
CallNextHookEx
GetSysColor

shlwapi

PathIsRootW
PathIsURLW
PathStripToRootW
PathCanonicalizeW
PathIsRelativeW
PathCombineW

ole32

GetHGlobalFromILockBytes
CoTaskMemAlloc
RevokeDragDrop
RegisterDragDrop
OleRegGetUserType
CLSIDFromString
GetHGlobalFromStream
ProgIDFromCLSID
OleGetAutoConvert
OleRun
CreateStreamOnHGlobal
CLSIDFromProgID
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoTaskMemFree
CoCreateInstance
CoGetClassObject
OleDuplicateData
StringFromCLSID
CoGetMalloc
ReleaseStgMedium
CoFreeUnusedLibraries
CoCreateGuid
CreateILockBytesOnHGlobal

gdi32

PlgBlt
SetStretchBltMode
GetBkColor
PolyBezier
StrokePath
CreateFontIndirectA
AnimatePalette
FlattenPath
GetBitmapBits
CreatePen
ExtCreatePen
SetTextColor
GetPath
RoundRect
SetDIBits

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a8b30ddb61000097bc22ff49a66409c

Headers

File Characteristics

Imports

rpcrt4

comctl32

kernel32

comdlg32

user32

shlwapi

ole32

gdi32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 21KB

.lib Size: 512B - Virtual size: 96KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 21KB

.lib
Size: 512B - Virtual size: 96KB