fdd7e29b5cfb8eeb4e0a3b999d3110ff_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fdd7e29b5cfb8eeb4e0a3b999d3110ff_JaffaCakes118
Size

197KB
MD5

fdd7e29b5cfb8eeb4e0a3b999d3110ff
SHA1

59e0802c0fc8210be464b451c54de5f965eeeb35
SHA256

ca760418eb136e13eac6694bc673bf55cf9549ad9802f68284db07880da0f99b
SHA512

15c9837a43a62407188c1c59144931f5dfe501734108d246a4292d1a43e778062355fabac8cf763c9dbe5c5dd6a6497fd68fba6793a1f723ee47a6247c64f956
SSDEEP

6144:hGoGPPhUOn/imGVwRGgUfb3VMFoV3+q+ws:hGxFn/izVwMg0b3W6uq+w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdd7e29b5cfb8eeb4e0a3b999d3110ff_JaffaCakes118

Files

fdd7e29b5cfb8eeb4e0a3b999d3110ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6a74dd6a25b07d4e24f90c1798d71bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathCanonicalizeW
PathIsRootW
PathIsRelativeW
PathIsURLW
PathStripToRootW
PathCombineW

rpcrt4

RpcBindingFromStringBindingA
RpcStringBindingComposeA
NdrClientCall
RpcBindingSetAuthInfoA
RpcStringFreeA

kernel32

GetVersionExW
GetVolumeInformationW
SearchPathW
CreateFiber
FileTimeToSystemTime
LockFile
SetCommConfig
GetUserDefaultLangID
SetEndOfFile
GetFileTime
EnumResourceNamesW
CompareStringW
IsDBCSLeadByte
VerLanguageNameW
FlushFileBuffers
GetProfileStringW
FileTimeToLocalFileTime
GetFileType
LocalAlloc
FindResourceExA
GetSystemTime
GetFileAttributesA
UnlockFile
FlushFileBuffers
GetSystemDirectoryW

comctl32

ImageList_GetIconSize
ImageList_DrawEx
ImageList_Add
ImageList_Create
ImageList_Destroy

ole32

CoFreeUnusedLibraries
OleRegGetUserType
StringFromCLSID
RegisterDragDrop
OleGetAutoConvert
CoTaskMemAlloc
GetHGlobalFromStream
RevokeDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CLSIDFromString
CoTaskMemFree
CreateStreamOnHGlobal
CoGetMalloc
OleRun
ProgIDFromCLSID
CLSIDFromProgID
CoCreateGuid
CoCreateInstance
GetHGlobalFromILockBytes
CoGetClassObject
ReleaseStgMedium
OleDuplicateData
CreateILockBytesOnHGlobal

gdi32

SetStretchBltMode
SetTextColor
RoundRect
ExtCreatePen
AnimatePalette
StrokePath
CreatePen
PlgBlt
PolyBezier
FlattenPath
CreateFontIndirectA
GetBkColor
GetPath
GetBitmapBits
SetDIBits

user32

RegisterClassW
DrawEdge
SetWindowsHookExW
IsClipboardFormatAvailable
DestroyIcon
ClipCursor
DefWindowProcW
WinHelpW
MonitorFromWindow
DestroyCursor
ToAscii
UnhookWindowsHookEx
SetClipboardData
ChildWindowFromPoint
SetScrollRange
GetSysColorBrush
SetWindowPos
EmptyClipboard
CallNextHookEx
GetSysColor

comdlg32

GetFileTitleA

Sections

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6a74dd6a25b07d4e24f90c1798d71bc

Headers

File Characteristics

Imports

shlwapi

rpcrt4

kernel32

comctl32

ole32

gdi32

user32

comdlg32

Sections

.text Size: 176KB - Virtual size: 176KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 15KB

.lib Size: 512B - Virtual size: 352KB

.text
Size: 176KB - Virtual size: 176KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 15KB

.lib
Size: 512B - Virtual size: 352KB