dded2c08026661aceb5e673aa1eb47a5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dded2c08026661aceb5e673aa1eb47a5_JaffaCakes118
Size

192KB
MD5

dded2c08026661aceb5e673aa1eb47a5
SHA1

2078974e6343616d1ef3e881684014a2b7128339
SHA256

44f9558076181c170d1689da001fb75bbe4bb74cd5d28203ab9068e74c16bb46
SHA512

32313a18b148e50b193edee52363bf9f3391b985845a3822d4f067a425ecb5e79ead90f8f5324c5733a3bf786325a9b74e0fe6a0eff367e0370b21b588c27371
SSDEEP

6144:xNxrZcvNi593z/3SR5B6JOshRg/d9MPZ6:xNxuu1z/3pJNhRg/HMPw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dded2c08026661aceb5e673aa1eb47a5_JaffaCakes118

Files

dded2c08026661aceb5e673aa1eb47a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98299a06ebf728288fc053a2321555ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

ReleaseStgMedium
OleDuplicateData
RevokeDragDrop
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetMalloc
CreateStreamOnHGlobal
StringFromCLSID
CoCreateGuid
OleRun
CoTaskMemFree
OleGetAutoConvert
CLSIDFromProgID
CLSIDFromString
OleRegGetUserType
RegisterDragDrop
ProgIDFromCLSID
CoCreateInstance
CoFreeUnusedLibraries
CoGetClassObject
GetHGlobalFromILockBytes
GetHGlobalFromStream
CreateILockBytesOnHGlobal

gdi32

PlgBlt
RoundRect
GetPath
StrokePath
PolyBezier
ExtCreatePen
CreateFontIndirectA
GetBkColor
SetStretchBltMode
SetTextColor
AnimatePalette
GetBitmapBits
CreatePen
FlattenPath
SetDIBits

user32

EmptyClipboard
ToAscii
WinHelpW
SetWindowPos
SetWindowsHookExW
GetSysColorBrush
SetScrollRange
DrawEdge
DefWindowProcW
MonitorFromWindow
DestroyIcon
ChildWindowFromPoint
CallNextHookEx
IsClipboardFormatAvailable
UnhookWindowsHookEx
DestroyCursor
SetClipboardData
RegisterClassW
ClipCursor
GetSysColor

comdlg32

GetFileTitleA

kernel32

CreateFiber
LockFile
GetProfileStringW
UnlockFile
GetFileType
SetCommConfig
VerLanguageNameW
FileTimeToSystemTime
GetVolumeInformationW
GetVersionExW
GetUserDefaultLangID
LocalAlloc
EnumResourceNamesW
GetFileAttributesA
FlushFileBuffers
FindResourceExA
FlushFileBuffers
CompareStringW
SearchPathW
IsDBCSLeadByte
GetSystemTime
GetFileTime
SetEndOfFile
FileTimeToLocalFileTime
GetSystemDirectoryW

shlwapi

PathIsURLW
PathIsRootW
PathCanonicalizeW
PathStripToRootW
PathIsRelativeW
PathCombineW

comctl32

ImageList_DrawEx
ImageList_Add
ImageList_GetIconSize
ImageList_Create
ImageList_Destroy

rpcrt4

RpcBindingFromStringBindingA
NdrClientCall
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcStringFreeA

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98299a06ebf728288fc053a2321555ed

Headers

File Characteristics

Imports

ole32

gdi32

user32

comdlg32

kernel32

shlwapi

comctl32

rpcrt4

Sections

.text Size: 170KB - Virtual size: 170KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 17KB - Virtual size: 17KB

.lib Size: 512B - Virtual size: 220KB

.text
Size: 170KB - Virtual size: 170KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 17KB - Virtual size: 17KB

.lib
Size: 512B - Virtual size: 220KB