2dc1a3ecb975d8668e5327965ed8dc4a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2dc1a3ecb975d8668e5327965ed8dc4a_JaffaCakes118
Size

192KB
MD5

2dc1a3ecb975d8668e5327965ed8dc4a
SHA1

b617ed22760561a093be855b82e3504c5a21f08d
SHA256

b367a497f04cc8536cf2f13c65aa4f44559edd0a00102c70acb2acebd30a9c78
SHA512

4120ecb067cf93a51744706fe3b4320865ad22d97fd0d05a0ae2999f2d247878e9559d95883552e7697ef016a53796b921dcb17ce228d02caf2293fcca844048
SSDEEP

3072:7ozCFZv+pdi4DeTxHvbm4ZrHltst/6hp/AZ1dcEhpUFxcGxKD2xio8ueCm6Z0:xZl4DMxHxDlNp4ZdUFqT22Cm6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dc1a3ecb975d8668e5327965ed8dc4a_JaffaCakes118

Files

2dc1a3ecb975d8668e5327965ed8dc4a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d72d6390a8f6dea1d1e96a81c845ee15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

DestroyCursor
ClipCursor
UnhookWindowsHookEx
ChildWindowFromPoint
GetSysColorBrush
MonitorFromWindow
IsClipboardFormatAvailable
WinHelpW
RegisterClassW
DrawEdge
SetScrollRange
SetWindowsHookExW
ToAscii
SetClipboardData
CallNextHookEx
DefWindowProcW
SetWindowPos
EmptyClipboard
DestroyIcon
GetSysColor

comdlg32

GetFileTitleA

shlwapi

PathIsRootW
PathIsRelativeW
PathCanonicalizeW
PathIsURLW
PathStripToRootW
PathCombineW

kernel32

FileTimeToSystemTime
CreateFiber
LockFile
FileTimeToLocalFileTime
GetFileType
GetVolumeInformationW
GetProfileStringW
UnlockFile
SetCommConfig
GetUserDefaultLangID
CompareStringW
GetFileTime
SetEndOfFile
EnumResourceNamesW
FlushFileBuffers
FindResourceExA
GetSystemTime
VerLanguageNameW
IsDBCSLeadByte
GetVersionExW
GetFileAttributesA
SearchPathW
LocalAlloc
FlushFileBuffers
GetSystemDirectoryW

comctl32

ImageList_Create
ImageList_Add
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Destroy

gdi32

StrokePath
GetBitmapBits
PolyBezier
GetBkColor
PlgBlt
SetStretchBltMode
GetPath
FlattenPath
RoundRect
ExtCreatePen
SetTextColor
CreateFontIndirectA
CreatePen
AnimatePalette
SetDIBits

rpcrt4

NdrClientCall
RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcStringFreeA

ole32

OleGetAutoConvert
GetHGlobalFromStream
StgOpenStorageOnILockBytes
OleRegGetUserType
RevokeDragDrop
CoTaskMemFree
OleDuplicateData
CoCreateInstance
OleRun
CoGetClassObject
CoTaskMemAlloc
GetHGlobalFromILockBytes
StringFromCLSID
CoCreateGuid
ReleaseStgMedium
CoGetMalloc
ProgIDFromCLSID
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
CoFreeUnusedLibraries
RegisterDragDrop
CreateILockBytesOnHGlobal

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d72d6390a8f6dea1d1e96a81c845ee15

Headers

File Characteristics

Imports

user32

comdlg32

shlwapi

kernel32

comctl32

gdi32

rpcrt4

ole32

Sections

.text Size: 167KB - Virtual size: 167KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 19KB

.lib Size: 512B - Virtual size: 224KB

.text
Size: 167KB - Virtual size: 167KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 19KB

.lib
Size: 512B - Virtual size: 224KB