3019cbc83aac2ebb288d57941658d9da_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3019cbc83aac2ebb288d57941658d9da_JaffaCakes118
Size

180KB
MD5

3019cbc83aac2ebb288d57941658d9da
SHA1

43e90751aaa18a5cdf97256ab9b5a9741e260e5c
SHA256

bcd714923536019d963c41eb7080f9ec90cf562fe79673910a73594b974fc23e
SHA512

df65884642a028181b201d44460a4a5c06447cbe0290f155e0d9b1811ff539964160bc75389dc46328414d8d5b2f0b5364651b2fad2b14a4d71a58bef8eed278
SSDEEP

3072:ADZIgxW5aJvgjeJkRryTQnAmtzJfLVGDjpKd20u36/6YYsQl21pK4FGt0YB:ADZIgUa9I7gQnAU1LVsSPu5siqxsV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3019cbc83aac2ebb288d57941658d9da_JaffaCakes118

Files

3019cbc83aac2ebb288d57941658d9da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b6c509bac011c55724809a0c150a941

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathCanonicalizeW
PathIsRelativeW
PathStripToRootW
PathIsURLW
PathIsRootW
PathCombineW

rpcrt4

RpcBindingSetAuthInfoA
RpcStringBindingComposeA
RpcBindingFromStringBindingA
NdrClientCall
RpcStringFreeA

gdi32

RoundRect
SetTextColor
ExtCreatePen
CreateFontIndirectA
PolyBezier
GetBitmapBits
CreatePen
GetPath
AnimatePalette
GetBkColor
FlattenPath
SetStretchBltMode
StrokePath
PlgBlt
SetDIBits

comdlg32

GetFileTitleA

kernel32

CreateFiber
GetFileTime
FlushFileBuffers
LocalAlloc
VerLanguageNameW
GetFileAttributesA
GetUserDefaultLangID
SetCommConfig
GetFileType
FileTimeToSystemTime
SearchPathW
UnlockFile
CompareStringW
EnumResourceNamesW
FindResourceExA
LockFile
GetProfileStringW
FlushFileBuffers
GetVersionExW
GetVolumeInformationW
GetSystemTime
FileTimeToLocalFileTime
IsDBCSLeadByte
SetEndOfFile
GetSystemDirectoryW

user32

IsClipboardFormatAvailable
SetScrollRange
MonitorFromWindow
ClipCursor
DestroyIcon
UnhookWindowsHookEx
CallNextHookEx
SetWindowPos
DestroyCursor
ChildWindowFromPoint
SetClipboardData
DrawEdge
RegisterClassW
EmptyClipboard
SetWindowsHookExW
DefWindowProcW
WinHelpW
ToAscii
GetSysColorBrush
GetSysColor

comctl32

ImageList_GetIconSize
ImageList_Add
ImageList_Create
ImageList_DrawEx
ImageList_Destroy

ole32

RevokeDragDrop
CoGetMalloc
CLSIDFromProgID
ReleaseStgMedium
GetHGlobalFromILockBytes
CoTaskMemAlloc
OleDuplicateData
StgOpenStorageOnILockBytes
OleRegGetUserType
CoCreateInstance
CLSIDFromString
CoGetClassObject
OleRun
GetHGlobalFromStream
CoTaskMemFree
StgCreateDocfileOnILockBytes
OleGetAutoConvert
StringFromCLSID
CoFreeUnusedLibraries
CreateStreamOnHGlobal
RegisterDragDrop
ProgIDFromCLSID
CoCreateGuid
CreateILockBytesOnHGlobal

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b6c509bac011c55724809a0c150a941

Headers

File Characteristics

Imports

shlwapi

rpcrt4

gdi32

comdlg32

kernel32

user32

comctl32

ole32

Sections

.text Size: 155KB - Virtual size: 154KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 21KB - Virtual size: 20KB

.lib Size: 512B - Virtual size: 76KB

.text
Size: 155KB - Virtual size: 154KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 21KB - Virtual size: 20KB

.lib
Size: 512B - Virtual size: 76KB