bfc7c220a2e1aa788aaf932dc97786a4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bfc7c220a2e1aa788aaf932dc97786a4_JaffaCakes118
Size

196KB
MD5

bfc7c220a2e1aa788aaf932dc97786a4
SHA1

d71cd2d570099ccb56ca12cc2bd73b1600bacc10
SHA256

20016482424530a03886e9489c4d0820d21d9e87c8fd5bc2bd264e4157d290f4
SHA512

97e0e3234cafb490f0d3ac2cd576f9e6be64578e803cb55bdbe7459072101cc64d36f47a27e03616122d249cf9802768bdc549b1f719b713e410dfe5364e20b8
SSDEEP

3072:j084IOMtxqgvKjbQKx6oFBIRWve3pd6BbDMgSxoJePlN94d4d1CqWHmaxw9j:jwIPxqeKBo+QWm3pofHnJeNRXJWHm+w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfc7c220a2e1aa788aaf932dc97786a4_JaffaCakes118

Files

bfc7c220a2e1aa788aaf932dc97786a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43b1e3a3e7ad6e5297ce546031feb2e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VerLanguageNameW
GetUserDefaultLangID
CreateFiber
SearchPathW
GetFileAttributesA
LockFile
GetFileTime
SetCommConfig
GetFileType
IsDBCSLeadByte
LocalAlloc
FindResourceExA
GetVersionExW
EnumResourceNamesW
FlushFileBuffers
SetEndOfFile
GetVolumeInformationW
GetSystemTime
GetProfileStringW
CompareStringW
FileTimeToLocalFileTime
FileTimeToSystemTime
FlushFileBuffers
UnlockFile
GetSystemDirectoryW

gdi32

FlattenPath
StrokePath
CreatePen
CreateFontIndirectA
RoundRect
SetStretchBltMode
PolyBezier
GetBkColor
GetPath
AnimatePalette
SetTextColor
GetBitmapBits
ExtCreatePen
PlgBlt
SetDIBits

user32

GetSysColorBrush
ToAscii
DefWindowProcW
DrawEdge
WinHelpW
MonitorFromWindow
ClipCursor
RegisterClassW
ChildWindowFromPoint
SetClipboardData
UnhookWindowsHookEx
IsClipboardFormatAvailable
SetWindowsHookExW
EmptyClipboard
SetWindowPos
SetScrollRange
DestroyCursor
DestroyIcon
CallNextHookEx
GetSysColor

comctl32

ImageList_DrawEx
ImageList_Add
ImageList_GetIconSize
ImageList_Create
ImageList_Destroy

ole32

OleDuplicateData
GetHGlobalFromStream
OleGetAutoConvert
CoTaskMemAlloc
CoGetClassObject
StringFromCLSID
CoCreateInstance
CoCreateGuid
CLSIDFromProgID
RegisterDragDrop
CreateStreamOnHGlobal
CoTaskMemFree
CoGetMalloc
CLSIDFromString
GetHGlobalFromILockBytes
StgCreateDocfileOnILockBytes
RevokeDragDrop
OleRegGetUserType
ReleaseStgMedium
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
OleRun
ProgIDFromCLSID
CreateILockBytesOnHGlobal

shlwapi

PathStripToRootW
PathIsURLW
PathIsRelativeW
PathIsRootW
PathCanonicalizeW
PathCombineW

comdlg32

GetFileTitleA

rpcrt4

NdrClientCall
RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcStringFreeA

Sections

.text
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43b1e3a3e7ad6e5297ce546031feb2e4

Headers

File Characteristics

Imports

kernel32

gdi32

user32

comctl32

ole32

shlwapi

comdlg32

rpcrt4

Sections

.text Size: 173KB - Virtual size: 173KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 18KB - Virtual size: 17KB

.lib Size: 512B - Virtual size: 352KB

.text
Size: 173KB - Virtual size: 173KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 18KB - Virtual size: 17KB

.lib
Size: 512B - Virtual size: 352KB