2c4d9df40c3b3f247f21670e0e5f3d10_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c4d9df40c3b3f247f21670e0e5f3d10_JaffaCakes118
Size

204KB
MD5

2c4d9df40c3b3f247f21670e0e5f3d10
SHA1

44df5b62304dded24670a49fd56ed5478005065e
SHA256

b1d907c92467d6a4d6438b6657ec0d00260b9f70ebc4b1374b3caf3861a8bf96
SHA512

be2bc14ab981f8287186f98f2928088c186708b1ea757f00bda38d15453d4a99389581141aaa01e004cf9f4c5cee12003eb46ea9d8f1e5e1e69f76dc941d0287
SSDEEP

6144:kipBU3ruvSj5snI0N5ZH5DwwhdrsEbCZu+KdNIc:3pBquRvXwohlbHJdNIc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c4d9df40c3b3f247f21670e0e5f3d10_JaffaCakes118

Files

2c4d9df40c3b3f247f21670e0e5f3d10_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e56541c6b7db3d3aa8803f3e4956f4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

ImageList_DrawEx
ImageList_GetIconSize
ImageList_Create
ImageList_Add
ImageList_Destroy

gdi32

RoundRect
SetStretchBltMode
CreateFontIndirectA
PolyBezier
AnimatePalette
StrokePath
SetTextColor
FlattenPath
GetBkColor
GetBitmapBits
CreatePen
GetPath
PlgBlt
ExtCreatePen
SetDIBits

user32

CallNextHookEx
DefWindowProcW
DrawEdge
UnhookWindowsHookEx
SetWindowPos
ClipCursor
SetClipboardData
WinHelpW
DestroyIcon
SetScrollRange
SetWindowsHookExW
IsClipboardFormatAvailable
RegisterClassW
DestroyCursor
EmptyClipboard
ToAscii
GetSysColorBrush
ChildWindowFromPoint
MonitorFromWindow
GetSysColor

ole32

GetHGlobalFromStream
OleRun
OleRegGetUserType
ReleaseStgMedium
ProgIDFromCLSID
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
GetHGlobalFromILockBytes
OleGetAutoConvert
OleDuplicateData
CLSIDFromString
CreateStreamOnHGlobal
CoGetMalloc
CoFreeUnusedLibraries
RegisterDragDrop
CLSIDFromProgID
RevokeDragDrop
CoCreateInstance
CoTaskMemFree
CoGetClassObject
CoCreateGuid
StringFromCLSID
CreateILockBytesOnHGlobal

rpcrt4

NdrClientCall
RpcBindingFromStringBindingA
RpcBindingSetAuthInfoA
RpcStringBindingComposeA
RpcStringFreeA

comdlg32

GetFileTitleA

shlwapi

PathIsURLW
PathCanonicalizeW
PathIsRootW
PathIsRelativeW
PathStripToRootW
PathCombineW

kernel32

CreateFiberEx
FileTimeToLocalFileTime
IsDBCSLeadByte
GetVersionExW
GetFileTime
FindResourceExA
SetCommConfig
UnlockFile
GetFileType
SearchPathW
VerLanguageNameW
CompareStringW
GetProfileStringW
EnumResourceNamesW
LocalAlloc
GetUserDefaultLangID
LockFile
FlushFileBuffers
FileTimeToSystemTime
SetEndOfFile
FlushFileBuffers
GetFileAttributesA
GetVolumeInformationW
GetSystemTime
GetSystemDirectoryW

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e56541c6b7db3d3aa8803f3e4956f4c

Headers

File Characteristics

Imports

comctl32

gdi32

user32

ole32

rpcrt4

comdlg32

shlwapi

kernel32

Sections

.text Size: 173KB - Virtual size: 172KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 26KB - Virtual size: 26KB

.lib Size: 512B - Virtual size: 96KB

.text
Size: 173KB - Virtual size: 172KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 26KB - Virtual size: 26KB

.lib
Size: 512B - Virtual size: 96KB