c0316a239b7d9ef24415670c685f9a3a_JaffaCakes118

General

Target

c0316a239b7d9ef24415670c685f9a3a_JaffaCakes118
Size

209KB
MD5

c0316a239b7d9ef24415670c685f9a3a
SHA1

3773d7c49e1e16386f2267248bc7e363dccdb7c7
SHA256

e4d7cabb928029fe3bdd368b5ff60b8dc1b67649b4e9c38529cf4d99fe17b6c8
SHA512

d1fd793d50fccadb8297579307eea27a068254cc3212fe79f9393acabc2e61691869454b6df9b18504ac5e372acaf7ba5266539540c7a3d0ee40e4205f69fe0e
SSDEEP

6144:IEemuGYIMrvYVcMN1ffQF9QidTyL32sdXTysE:IEeBPrwpXidTYZT/E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0316a239b7d9ef24415670c685f9a3a_JaffaCakes118

Files

c0316a239b7d9ef24415670c685f9a3a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7f21f73e3c4cd85c6db9d5f070035b77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFiber
GetProfileStringW
FileTimeToLocalFileTime
GetFileTime
GetFileType
UnlockFile
TerminateProcess
SearchPathW
GetFileAttributesA
GetUserDefaultLangID
FileTimeToSystemTime
EnumResourceNamesA
GetVersionExW
CompareStringW
VerLanguageNameW
IsDBCSLeadByte
FlushFileBuffers
GetVolumeInformationW
LockFile
SetEndOfFile
GetSystemTime
FindResourceExA
FlushFileBuffers
LocalAlloc
GetSystemDirectoryW

comctl32

ImageList_DrawEx
ImageList_Add
ImageList_Create
ImageList_GetIconSize
ImageList_Destroy

user32

EmptyClipboard
WinHelpW
DrawEdge
IsClipboardFormatAvailable
SetScrollRange
ToAscii
DestroyIcon
ChildWindowFromPoint
RealGetWindowClass
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetSysColorBrush
DefWindowProcW
SetClipboardData
SetWindowPos
ClipCursor
RegisterClassW
DestroyCursor
GetSysColor

comdlg32

GetFileTitleA

rpcrt4

RpcStringBindingComposeA
NdrClientCall
RpcBindingFromStringBindingA
RpcBindingSetAuthInfoA
RpcStringFreeA

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f21f73e3c4cd85c6db9d5f070035b77

Headers

File Characteristics

Imports

kernel32

comctl32

user32

comdlg32

rpcrt4

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 14KB

.tls Size: 512B - Virtual size: 92KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 14KB

.tls
Size: 512B - Virtual size: 92KB