ef0df04826c8f2b69f54562281b4a425_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ef0df04826c8f2b69f54562281b4a425_JaffaCakes118
Size

210KB
MD5

ef0df04826c8f2b69f54562281b4a425
SHA1

ccf8141502cbb837fef134513e672e9e63494465
SHA256

a98d6932c80520f21c8f316e7ab56d251a0f31b1497453931cfb576c9804397b
SHA512

82a45895130c1e8184523dddf602a6008bd4bb970b2f7324d5e3c2be29f6b1f14b3147828d958fe5e9c8d0fc1551621ec05f03100846c360f88460e4941d1074
SSDEEP

3072:cXoFfY0TZB8rDQjzawmKisy2MSQvWwra89+MfGamvqbiB5qqKtH/hKriRYYAYr+2:cXolewm3r79GamMiBMtJKrYYY+2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef0df04826c8f2b69f54562281b4a425_JaffaCakes118

Files

ef0df04826c8f2b69f54562281b4a425_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6e1fbe1cea52bf7afc302d30ff2bbb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFiber
LocalAlloc
IsDBCSLeadByte
GetFileAttributesA
GetFileType
GetVolumeInformationW
UnlockFile
SetCommConfig
GetSystemTime
SetEndOfFile
FlushFileBuffers
GetFileTime
EnumResourceNamesW
FileTimeToLocalFileTime
VerLanguageNameW
FlushFileBuffers
CompareStringW
SearchPathW
GetProfileStringW
FindResourceExA
FileTimeToSystemTime
LockFile
GetUserDefaultLangID
GetVersionExW
GetSystemDirectoryW

user32

MonitorFromWindow
ClipCursor
RegisterClassW
ChildWindowFromPoint
UnhookWindowsHookEx
SetClipboardData
DrawEdge
DestroyCursor
CallNextHookEx
SetWindowPos
IsClipboardFormatAvailable
DefWindowProcW
GetSysColorBrush
ToAscii
WinHelpW
DestroyIcon
SetWindowsHookExW
EmptyClipboard
SetScrollRange
GetSysColor

comdlg32

GetFileTitleA

shlwapi

PathCanonicalizeW
PathIsRootW
PathIsRelativeW
PathIsURLW
PathStripToRootW
PathCombineW

ole32

CoTaskMemFree
CoCreateGuid
RegisterDragDrop
RevokeDragDrop
OleRegGetUserType
CoGetClassObject
StgCreateDocfileOnILockBytes
OleDuplicateData
CoTaskMemAlloc
CLSIDFromString
CoFreeUnusedLibraries
GetHGlobalFromILockBytes
CreateStreamOnHGlobal
StringFromCLSID
ProgIDFromCLSID
CoGetMalloc
OleRun
CLSIDFromProgID
CoCreateInstance
OleGetAutoConvert
ReleaseStgMedium
StgOpenStorageOnILockBytes
GetHGlobalFromStream
CreateILockBytesOnHGlobal

comctl32

ImageList_Create
ImageList_GetIconSize
ImageList_Add
ImageList_DrawEx
ImageList_Destroy

rpcrt4

RpcStringBindingComposeA
RpcBindingSetAuthInfoA
NdrClientCall
RpcBindingFromStringBindingA
RpcStringFreeA

gdi32

SetTextColor
AnimatePalette
GetBitmapBits
SetStretchBltMode
ExtCreatePen
GetBkColor
CreateFontIndirectA
CreatePen
FlattenPath
StrokePath
RoundRect
GetPath
PlgBlt
PolyBezier
SetDIBits

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6e1fbe1cea52bf7afc302d30ff2bbb6

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

shlwapi

ole32

comctl32

rpcrt4

gdi32

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 14KB - Virtual size: 14KB

.lib Size: 512B - Virtual size: 92KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 14KB - Virtual size: 14KB

.lib
Size: 512B - Virtual size: 92KB