4250c1cbe0e16a3291cc23733020136b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4250c1cbe0e16a3291cc23733020136b_JaffaCakes118
Size

204KB
MD5

4250c1cbe0e16a3291cc23733020136b
SHA1

ed41e47f34e01b0107fe44103b5cb08fd22494a4
SHA256

9aa778e7dbe65a2e32c59a096d27e3168e3a10aa2e11320277fe6ad525593a29
SHA512

d92ea5a9f5808c54844ba29378293d57f0e00146524f6a38b2dfff7fa8ea0791ecee5a4caf37a0fe8093cd95ac8842180e99438c2e382b75b4f4f3502a6ef454
SSDEEP

6144:kipBU3ruvSj5snI0N5ZH5DwwhdrsEbCZu+KdNIc:3pBquRvXwohlbHJdNIc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4250c1cbe0e16a3291cc23733020136b_JaffaCakes118

Files

4250c1cbe0e16a3291cc23733020136b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e56541c6b7db3d3aa8803f3e4956f4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

ImageList_DrawEx
ImageList_GetIconSize
ImageList_Create
ImageList_Add
ImageList_Destroy

gdi32

RoundRect
SetStretchBltMode
CreateFontIndirectA
PolyBezier
AnimatePalette
StrokePath
SetTextColor
FlattenPath
GetBkColor
GetBitmapBits
CreatePen
GetPath
PlgBlt
ExtCreatePen
SetDIBits

user32

CallNextHookEx
DefWindowProcW
DrawEdge
UnhookWindowsHookEx
SetWindowPos
ClipCursor
SetClipboardData
WinHelpW
DestroyIcon
SetScrollRange
SetWindowsHookExW
IsClipboardFormatAvailable
RegisterClassW
DestroyCursor
EmptyClipboard
ToAscii
GetSysColorBrush
ChildWindowFromPoint
MonitorFromWindow
GetSysColor

ole32

GetHGlobalFromStream
OleRun
OleRegGetUserType
ReleaseStgMedium
ProgIDFromCLSID
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
GetHGlobalFromILockBytes
OleGetAutoConvert
OleDuplicateData
CLSIDFromString
CreateStreamOnHGlobal
CoGetMalloc
CoFreeUnusedLibraries
RegisterDragDrop
CLSIDFromProgID
RevokeDragDrop
CoCreateInstance
CoTaskMemFree
CoGetClassObject
CoCreateGuid
StringFromCLSID
CreateILockBytesOnHGlobal

rpcrt4

NdrClientCall
RpcBindingFromStringBindingA
RpcBindingSetAuthInfoA
RpcStringBindingComposeA
RpcStringFreeA

comdlg32

GetFileTitleA

shlwapi

PathIsURLW
PathCanonicalizeW
PathIsRootW
PathIsRelativeW
PathStripToRootW
PathCombineW

kernel32

CreateFiberEx
FileTimeToLocalFileTime
IsDBCSLeadByte
GetVersionExW
GetFileTime
FindResourceExA
SetCommConfig
UnlockFile
GetFileType
SearchPathW
VerLanguageNameW
CompareStringW
GetProfileStringW
EnumResourceNamesW
LocalAlloc
GetUserDefaultLangID
LockFile
FlushFileBuffers
FileTimeToSystemTime
SetEndOfFile
FlushFileBuffers
GetFileAttributesA
GetVolumeInformationW
GetSystemTime
GetSystemDirectoryW

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e56541c6b7db3d3aa8803f3e4956f4c

Headers

File Characteristics

Imports

comctl32

gdi32

user32

ole32

rpcrt4

comdlg32

shlwapi

kernel32

Sections

.text Size: 173KB - Virtual size: 172KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 26KB - Virtual size: 26KB

.lib Size: 512B - Virtual size: 96KB

.text
Size: 173KB - Virtual size: 172KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 26KB - Virtual size: 26KB

.lib
Size: 512B - Virtual size: 96KB