b6a4e6a18d227f1966f33fe915f8958c_JaffaCakes118

General

Target

b6a4e6a18d227f1966f33fe915f8958c_JaffaCakes118
Size

196KB
MD5

b6a4e6a18d227f1966f33fe915f8958c
SHA1

dc424087aba34a13f6dcccb49dec3e4cb3cf5d1a
SHA256

6f2964250b4dfa3615f2daba05ca4c9f4ede744db797bda89f571e249dd4c146
SHA512

9b7526d1b434f29a3e07ee29b762c0bf8bf781b7be2ac878155457157a420340272f624d85686a113172398fe20a18ab5fbd088e38265db1aa3c50198c318694
SSDEEP

6144:fqjGt+Iq4Zg5y9PSYTBs7NYtL0HYcZwt:yKt+IdgE1ZTBGNYtIxZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6a4e6a18d227f1966f33fe915f8958c_JaffaCakes118

Files

b6a4e6a18d227f1966f33fe915f8958c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

660d394d99a3e9fff849e795349848f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comdlg32

GetFileTitleA

rpcrt4

NdrClientCall
RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcStringFreeA

shlwapi

PathCanonicalizeW
PathIsURLW
PathIsRelativeW
PathStripToRootW
PathIsRootW
PathCombineW

user32

SetClipboardData
MonitorFromWindow
IsClipboardFormatAvailable
UnhookWindowsHookEx
WinHelpW
CallNextHookEx
DrawEdge
DestroyIcon
SetWindowPos
DefWindowProcW
DestroyCursor
ClipCursor
SetWindowsHookExW
RegisterClassW
ChildWindowFromPoint
EmptyClipboard
SetScrollRange
GetSysColorBrush
ToAscii
GetSysColor

comctl32

ImageList_Add
ImageList_DrawEx
ImageList_GetIconSize
ImageList_Create
ImageList_Destroy

kernel32

CreateFiber
LockFile
UnlockFile
IsDBCSLeadByte
VerLanguageNameW
WriteFileGather
FindResourceExA
GetSystemTime
GetFileAttributesA
GetUserDefaultLangID
EnumResourceNamesW
GetFileType
FlushFileBuffers
GetProfileStringW
CompareStringW
FlushFileBuffers
LocalAlloc
FileTimeToLocalFileTime
GetFileTime
GetVolumeInformationW
GetVersionExW
FileTimeToSystemTime
SetEndOfFile
SearchPathW
GetSystemDirectoryW

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

660d394d99a3e9fff849e795349848f4

Headers

File Characteristics

Imports

comdlg32

rpcrt4

shlwapi

user32

comctl32

kernel32

Sections

.text Size: 174KB - Virtual size: 173KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 18KB - Virtual size: 18KB

.lib Size: 512B - Virtual size: 352KB

.text
Size: 174KB - Virtual size: 173KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 18KB - Virtual size: 18KB

.lib
Size: 512B - Virtual size: 352KB