2ae1c4a9e8d5095703c919ff36d46900_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ae1c4a9e8d5095703c919ff36d46900_JaffaCakes118
Size

205KB
MD5

2ae1c4a9e8d5095703c919ff36d46900
SHA1

726e10aaeb0aece816ecbd4173dd96e3e83bb0d4
SHA256

67d8388b4dfd4b5f8a8ee50760f9ade0c7b4708f767d54291c48af7c07e611c7
SHA512

5b29a1607329155fc38b08bbe519f4f3f4f7558ec4bec6e58dc41ad160d1fd2c26be95d692da1c77f798224a3141cffac7f5a2b80415614bb46b04d78f50381b
SSDEEP

3072:+fJHpQ+RM57nFOm6UTiHIvc4FwCSO/tqt+xaJlxhZvuthsi8d:+fJHp9WzFOVlHIHPSO/tA+wJWsi8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ae1c4a9e8d5095703c919ff36d46900_JaffaCakes118

Files

2ae1c4a9e8d5095703c919ff36d46900_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f0a9842a9b85a379d6c0852d29f9da8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

OleRegGetUserType
StgOpenStorageOnILockBytes
CoTaskMemFree
CLSIDFromString
StringFromCLSID
OleRun
ReleaseStgMedium
CoCreateInstance
RevokeDragDrop
CoTaskMemAlloc
RegisterDragDrop
OleDuplicateData
CoFreeUnusedLibraries
CoCreateGuid
CreateStreamOnHGlobal
CoGetClassObject
CoGetMalloc
StgCreateDocfileOnILockBytes
CLSIDFromProgID
ProgIDFromCLSID
OleGetAutoConvert
GetHGlobalFromILockBytes
GetHGlobalFromStream
CreateILockBytesOnHGlobal

comctl32

ImageList_Create
ImageList_Add
ImageList_DrawEx
ImageList_GetIconSize
ImageList_Destroy

rpcrt4

RpcBindingSetAuthInfoA
RpcStringBindingComposeA
NdrClientCall
RpcBindingFromStringBindingA
RpcStringFreeA

gdi32

GetPath
CreatePen
RoundRect
GetBitmapBits
PolyBezier
PlgBlt
FlattenPath
ExtCreatePen
SetTextColor
StrokePath
AnimatePalette
GetBkColor
SetStretchBltMode
CreateFontIndirectA
SetDIBits

user32

SetWindowPos
RegisterClassW
MonitorFromWindow
DestroyCursor
DrawEdge
UnhookWindowsHookEx
ClipCursor
EmptyClipboard
WinHelpW
ChildWindowFromPoint
CallNextHookEx
SetClipboardData
DestroyIcon
IsClipboardFormatAvailable
SetScrollRange
DefWindowProcW
ToAscii
SetWindowsHookExW
GetSysColorBrush
GetSysColor

shlwapi

PathStripToRootW
PathIsRelativeW
PathIsRootW
PathIsURLW
PathCanonicalizeW
PathCombineW

kernel32

FindResourceExA
CreateFiberEx
IsDBCSLeadByte
LocalAlloc
GetProfileStringW
SetCommConfig
FileTimeToSystemTime
GetFileTime
FlushFileBuffers
GetUserDefaultLangID
FileTimeToLocalFileTime
EnumResourceNamesW
GetSystemTime
GetFileAttributesA
FlushFileBuffers
SetEndOfFile
GetVersionExW
CompareStringW
VerLanguageNameW
UnlockFile
LockFile
GetFileType
SearchPathW
GetVolumeInformationW
GetSystemDirectoryW

comdlg32

GetFileTitleA

Sections

.text
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f0a9842a9b85a379d6c0852d29f9da8

Headers

File Characteristics

Imports

ole32

comctl32

rpcrt4

gdi32

user32

shlwapi

kernel32

comdlg32

Sections

.text Size: 177KB - Virtual size: 176KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 23KB

.lib Size: 512B - Virtual size: 96KB

.text
Size: 177KB - Virtual size: 176KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 23KB

.lib
Size: 512B - Virtual size: 96KB