d3d9d4c51d99e442f7aaca7e489768f4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d3d9d4c51d99e442f7aaca7e489768f4_JaffaCakes118
Size

187KB
MD5

d3d9d4c51d99e442f7aaca7e489768f4
SHA1

be15d64bdda08e2a6182a557656d1c158e3f893e
SHA256

58841391dd8f37f6bceb7bdbeca2eab51e14ebe9f7810b1d0af9e8c48268798c
SHA512

d39405d4a2188ac196667d08f129bc04bd457c4eb2395c9c4b4d479bccbe124cc46b16879471f11a1932e5629ba804706b6c9ac7bce13db86b3570fa43a81f13
SSDEEP

3072:M3NXk+I8q+ILDUkmdPWenHXN+CUxvxGfQV0ywfVHBo1xcP//icATqAe8zQ:3ZUtWeHcCtfQV0Bfdq1xcPSrTP1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3d9d4c51d99e442f7aaca7e489768f4_JaffaCakes118

Files

d3d9d4c51d99e442f7aaca7e489768f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f748ce7b543662bb83070948218dd418

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

CreateFontIndirectA
SetTextColor
CreatePen
SetStretchBltMode
GetBitmapBits
GetPath
GetBkColor
PolyBezier
StrokePath
ExtCreatePen
AnimatePalette
PlgBlt
FlattenPath
RoundRect
SetDIBits

user32

CallNextHookEx
EmptyClipboard
SetWindowPos
UnhookWindowsHookEx
DestroyIcon
DestroyCursor
ClipCursor
MonitorFromWindow
SetScrollRange
WinHelpW
DrawEdge
GetSysColorBrush
ChildWindowFromPoint
RegisterClassW
DefWindowProcW
SetWindowsHookExW
SetClipboardData
IsClipboardFormatAvailable
ToAscii
GetSysColor

rpcrt4

RpcStringBindingComposeA
NdrClientCall
RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
RpcStringFreeA

kernel32

CreateFiberEx
GetVersionExW
UnlockFile
GetProfileStringW
GetFileType
CompareStringW
GetFileAttributesA
SetCommConfig
GetFileTime
FlushFileBuffers
EnumResourceNamesW
FileTimeToLocalFileTime
GetSystemTime
GetUserDefaultLangID
FlushFileBuffers
GetVolumeInformationW
LocalAlloc
SetEndOfFile
FindResourceExA
SearchPathW
IsDBCSLeadByte
VerLanguageNameW
FileTimeToSystemTime
LockFile
GetSystemDirectoryW

comctl32

ImageList_Add
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Create
ImageList_Destroy

shlwapi

PathIsRelativeW
PathCanonicalizeW
PathIsURLW
PathIsRootW
PathStripToRootW
PathCombineW

comdlg32

GetFileTitleA

ole32

CLSIDFromString
CoCreateGuid
ProgIDFromCLSID
ReleaseStgMedium
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
RevokeDragDrop
CoGetMalloc
CoCreateInstance
StringFromCLSID
CoTaskMemFree
OleDuplicateData
RegisterDragDrop
CLSIDFromProgID
CreateStreamOnHGlobal
OleRegGetUserType
GetHGlobalFromILockBytes
OleRun
StgOpenStorageOnILockBytes
GetHGlobalFromStream
OleGetAutoConvert
CoGetClassObject
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f748ce7b543662bb83070948218dd418

Headers

File Characteristics

Imports

gdi32

user32

rpcrt4

kernel32

comctl32

shlwapi

comdlg32

ole32

Sections

.text Size: 168KB - Virtual size: 168KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 14KB - Virtual size: 14KB

.lib Size: 512B - Virtual size: 72KB

.text
Size: 168KB - Virtual size: 168KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 14KB - Virtual size: 14KB

.lib
Size: 512B - Virtual size: 72KB