eb11a94e071ac5e8f4a0681c423bb677_JaffaCakes118

General

Target

eb11a94e071ac5e8f4a0681c423bb677_JaffaCakes118
Size

142KB
MD5

eb11a94e071ac5e8f4a0681c423bb677
SHA1

218bb285342228c8a7cbb25bb6f0a598080ef147
SHA256

a72f80e6a6d9354cbb1bb38dfd910fac1958d5c6afb0a662d24d675da54616f8
SHA512

5d551f9f256a0acbbffcd32c110902d5a7ae3d312882cbbe7c646dfe16e23988b6c226a3110b6b68fb7c66ec3c12ce136faafa4ffe5f25c849052f0c513fbd7f
SSDEEP

3072:AvMuT8m3DHb4tzoZ94jbwNZEQqA4abBpxuGXRxjxPUixkK:aM29DHWtcEo4abNX3jJUix3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb11a94e071ac5e8f4a0681c423bb677_JaffaCakes118

Files

eb11a94e071ac5e8f4a0681c423bb677_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d7eea03ccff47aa2572c0cccb6a4e12b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextColor
GetBkColor
GetMapMode
GetTextExtentPoint32W
CreateFontIndirectW
CreateSolidBrush
GetStockObject
CreatePatternBrush
DeleteDC

ole32

CoCreateGuid
StringFromCLSID
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
OleLockRunning
StringFromGUID2
CoAllowSetForegroundWindow
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoGetClassObject

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathCombineW

shell32

SHGetFolderPathW
DragQueryFileW
DragFinish
CommandLineToArgvW
SHFileOperationW

comdlg32

GetFileTitleW

kernel32

GetLocaleInfoW
ExpandEnvironmentStringsW
GetCurrentThread
LZCopy
CreateProcessW
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExW
SizeofResource
LockResource
LoadResource
FindResourceW

oleaut32

OleLoadPictureEx
GetRecordInfoFromTypeInfo
VarI4FromDec
SysFreeString

Sections

.text
Size: 76KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 294B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7eea03ccff47aa2572c0cccb6a4e12b

Headers

File Characteristics

Imports

gdi32

ole32

winspool.drv

shlwapi

shell32

comdlg32

kernel32

oleaut32

Sections

.text Size: 76KB - Virtual size: 116KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 72KB - Virtual size: 71KB

.reloc Size: 512B - Virtual size: 294B

.text
Size: 76KB - Virtual size: 116KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 72KB - Virtual size: 71KB

.reloc
Size: 512B - Virtual size: 294B