Static task: static1
Behavioral task: behavioral1
Sample: ad4f0a89e9068f6c61e5607d76602a65_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: ad4f0a89e9068f6c61e5607d76602a65_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ad4f0a89e9068f6c61e5607d76602a65_JaffaCakes118
Size: 190KB
MD5: ad4f0a89e9068f6c61e5607d76602a65
SHA1: 103fea8022f0cd9c695049294bf164fd85bd0508
SHA256: 477b99accab42042c8c0ec8da3839297382a9db8a05b22e7b4542e044dfeaa76
SHA512: b5d12f16cc8c6f6697ca89ce3416b8821e34a60e6d2805820655207c8f8e6ced0aa5d1043cde408e13ec5db28b7a7dd52494f55754fa8e5c020f9d62befe07d0
SSDEEP: 3072:1iXboobTlehOItcMZFmWE3Iw8hvRZV6fCZAWgY6PfyDc1CkJI5ZRpQ6JBVDSLKPz:1iXboobZehOWdmBIBb6KZd6yg1CkJ2Zb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ad4f0a89e9068f6c61e5607d76602a65_JaffaCakes118
Files
ad4f0a89e9068f6c61e5607d76602a65_JaffaCakes118.exe windows:4 windows x86 arch:x86
ec45c26baa52bba14cf4611b33df7d37
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
comdlg32
GetFileTitleA
kernel32
GetProfileStringW
CreateFiber
GetFileType
UnlockFile
GetUserDefaultLangID
GetFileAttributesA
VerLanguageNameW
SetCommConfig
GetVolumeInformationW
GetVersionExW
EnumResourceNamesW
GetFileTime
CompareStringW
FindResourceExA
FlushFileBuffers
LocalAlloc
GetSystemTime
IsDBCSLeadByte
LockFile
FileTimeToSystemTime
SearchPathW
SetEndOfFile
FlushFileBuffers
FileTimeToLocalFileTime
GetSystemDirectoryW
ole32
OleDuplicateData
RegisterDragDrop
CoGetClassObject
GetHGlobalFromILockBytes
CoGetMalloc
CoFreeUnusedLibraries
CLSIDFromString
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
OleRegGetUserType
RevokeDragDrop
CoTaskMemFree
CLSIDFromProgID
StringFromCLSID
ReleaseStgMedium
OleGetAutoConvert
OleRun
CoCreateInstance
ProgIDFromCLSID
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
CoCreateGuid
GetHGlobalFromStream
CreateILockBytesOnHGlobal
rpcrt4
RpcBindingSetAuthInfoA
RpcStringBindingComposeA
RpcBindingFromStringBindingA
NdrClientCall
RpcStringFreeA
comctl32
ImageList_Add
ImageList_Create
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Destroy
shlwapi
PathCanonicalizeW
PathIsURLW
PathStripToRootW
PathIsRootW
PathIsRelativeW
PathCombineW
user32
MonitorFromWindow
DefWindowProcW
SetScrollRange
SetWindowsHookExW
ToAscii
DestroyIcon
WinHelpW
CallNextHookEx
DrawEdge
ChildWindowFromPoint
GetSysColorBrush
RegisterClassW
UnhookWindowsHookEx
IsClipboardFormatAvailable
ClipCursor
SetWindowPos
SetClipboardData
DestroyCursor
EmptyClipboard
GetSysColor
gdi32
CreatePen
CreateFontIndirectA
GetBkColor
SetStretchBltMode
RoundRect
SetTextColor
PolyBezier
StrokePath
PlgBlt
GetPath
GetBitmapBits
AnimatePalette
ExtCreatePen
FlattenPath
SetDIBits
Sections
.text Size: 162KB - Virtual size: 162KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lib Size: 512B - Virtual size: 224KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ