1045de0f26d3ef4401ed55d735a4b245_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1045de0f26d3ef4401ed55d735a4b245_JaffaCakes118
Size

105KB
MD5

1045de0f26d3ef4401ed55d735a4b245
SHA1

4e5b531727177ddb42f19be280cad865e2004f24
SHA256

e9be596c998d3babd0be57fb20fe5e07051ff731d8168ce9ea9196c385ac033c
SHA512

2b54afac86e593b8148f919bdcb76023f85695b12ae37f9bc95d1d65a44287697444d6efc980e47915c35af27a9029faf8a88a989d4735a72b404d2c820708ff
SSDEEP

1536:iJPmAHnTcXKD0IhojSE9fkyIb6hq5vhaGbihPTMDIdCOgl8moNWZn2y5rkINQBEB:ipmKYXvRSmkxb6hQPRGgemFXkOEE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1045de0f26d3ef4401ed55d735a4b245_JaffaCakes118

Files

1045de0f26d3ef4401ed55d735a4b245_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5d1e4a91d432c9eb6d69554b27071678

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

CStdStubBuffer_Disconnect
RpcServerUseProtseqEpW
RpcStringFreeA
NdrDllUnregisterProxy
CStdStubBuffer_Invoke
IUnknown_Release_Proxy
UuidFromStringW
NdrClientCall2
CStdStubBuffer_Connect
RpcStringFreeW
NdrOleFree
UuidToStringA
RpcBindingVectorFree
CStdStubBuffer_CountRefs
RpcImpersonateClient
CStdStubBuffer_IsIIDSupported
NdrCStdStubBuffer_Release
RpcBindingSetAuthInfoExW
NdrCStdStubBuffer2_Release
NdrStubCall2
NdrOleAllocate
RpcServerUnregisterIf
RpcStringBindingComposeW
CStdStubBuffer_AddRef
RpcServerRegisterAuthInfoW
CStdStubBuffer_QueryInterface
RpcEpResolveBinding
RpcBindingSetAuthInfoW
RpcBindingFromStringBindingW

kernel32

InterlockedIncrement
CreateFileW
GlobalFree
GetStartupInfoA
FormatMessageA
GetFullPathNameW
VirtualAlloc
IsBadWritePtr
SystemTimeToFileTime
CreateDirectoryA
FindClose
GetProcAddress
GetStringTypeA
GetWindowsDirectoryA
OutputDebugStringA
DisableThreadLibraryCalls
lstrcpynW
GetSystemDirectoryA
ExitProcess
CreateProcessW
lstrcmpA
FileTimeToSystemTime

oleaut32

SafeArrayCreate
SafeArrayGetUBound
VariantCopyInd
VariantChangeType
VariantInit
CreateErrorInfo
SafeArrayPtrOfIndex
VariantClear
SafeArrayPutElement
VariantCopy
LoadTypeLib
SysAllocStringByteLen
SysAllocStringLen
SysReAllocStringLen
SysFreeString
SafeArrayUnaccessData
GetActiveObject
OleLoadPicture
RegisterTypeLib
SafeArrayGetLBound
GetErrorInfo
SafeArrayAccessData
SysStringLen
SysStringByteLen

ole32

OleSaveToStream
CreateBindCtx
MkParseDisplayName
CoRevertToSelf
CoInitializeEx
CLSIDFromProgID
OleInitialize
WriteClassStm
PropVariantClear
CoGetMalloc
StringFromCLSID
OleRegEnumVerbs
StgIsStorageFile
CoCreateInstance
StgCreateDocfile
CoReleaseMarshalData
CoRegisterClassObject
ProgIDFromCLSID
OleLoadFromStream
CoCreateFreeThreadedMarshaler
StringFromIID
OleRun
CoSetProxyBlanket
CoTaskMemFree
CoGetInterfaceAndReleaseStream
StringFromGUID2
CoFreeUnusedLibraries

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5d1e4a91d432c9eb6d69554b27071678

Headers

File Characteristics

Imports

rpcrt4

kernel32

oleaut32

ole32

Sections

.text Size: 33KB - Virtual size: 33KB

.data Size: 63KB - Virtual size: 124KB

.idata Size: 6KB - Virtual size: 5KB

.text
Size: 33KB - Virtual size: 33KB

.data
Size: 63KB - Virtual size: 124KB

.idata
Size: 6KB - Virtual size: 5KB