a4a814bcce71e24fb4550fe40e2f629e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a4a814bcce71e24fb4550fe40e2f629e_JaffaCakes118
Size

190KB
MD5

a4a814bcce71e24fb4550fe40e2f629e
SHA1

aeb6992e87b3802c244d3740bdd45f244616dc5d
SHA256

b58cbc3ab06f13a52fa22a665e763928603ba27080917c0ebe68f3a1453d468d
SHA512

07794c22a69fce9ddfb93c97571bfef876d6baf79a7e2b31e6562fb8a64a722f5c5f31180ac10388e505aafe76533adee040d07a8b1be10d9a5ac4460138b441
SSDEEP

3072:uvcqLxjw4XF5/i/NSkJTomKpxw9zWuje7vkdmTuWA8V4h7Zhbm:uvPP5/i/NSkRoTA1WuaomBA44NZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4a814bcce71e24fb4550fe40e2f629e_JaffaCakes118

Files

a4a814bcce71e24fb4550fe40e2f629e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99829bba2ef8e4b4ca5ac154af54dba8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindResourceExA
VerLanguageNameW
FlushFileBuffers
CreateFiberEx
GetFileAttributesA
GetFileType
GetUserDefaultLangID
SetCommConfig
GetProfileStringW
CompareStringW
SetEndOfFile
EnumResourceNamesW
UnlockFile
GetVersionExW
SearchPathW
LocalAlloc
LockFile
FlushFileBuffers
FileTimeToSystemTime
IsDBCSLeadByte
GetVolumeInformationW
FileTimeToLocalFileTime
GetSystemTime
GetFileTime
GetSystemDirectoryW

gdi32

SetStretchBltMode
PolyBezier
ExtCreatePen
SetTextColor
CreatePen
FlattenPath
CreateFontIndirectA
StrokePath
RoundRect
AnimatePalette
GetPath
GetBitmapBits
GetBkColor
PlgBlt
SetDIBits

comdlg32

GetFileTitleA

rpcrt4

RpcBindingFromStringBindingA
RpcBindingSetAuthInfoA
RpcStringBindingComposeA
NdrClientCall
RpcStringFreeA

shlwapi

PathCanonicalizeW
PathIsRootW
PathIsURLW
PathStripToRootW
PathIsRelativeW
PathCombineW

user32

DestroyIcon
ToAscii
SetScrollRange
ChildWindowFromPoint
CallNextHookEx
DrawEdge
DefWindowProcW
MonitorFromWindow
SetWindowsHookExW
SetWindowPos
SetClipboardData
ClipCursor
EmptyClipboard
GetSysColorBrush
IsClipboardFormatAvailable
WinHelpW
RegisterClassW
DestroyCursor
UnhookWindowsHookEx
GetSysColor

ole32

StgOpenStorageOnILockBytes
RegisterDragDrop
CLSIDFromProgID
CreateStreamOnHGlobal
ReleaseStgMedium
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
StringFromCLSID
CLSIDFromString
GetHGlobalFromILockBytes
CoCreateGuid
RevokeDragDrop
GetHGlobalFromStream
OleGetAutoConvert
CoFreeUnusedLibraries
ProgIDFromCLSID
OleRun
CoGetClassObject
CoGetMalloc
StgCreateDocfileOnILockBytes
OleRegGetUserType
OleDuplicateData
CreateILockBytesOnHGlobal

comctl32

ImageList_GetIconSize
ImageList_Create
ImageList_DrawEx
ImageList_Add
ImageList_Destroy

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99829bba2ef8e4b4ca5ac154af54dba8

Headers

File Characteristics

Imports

kernel32

gdi32

comdlg32

rpcrt4

shlwapi

user32

ole32

comctl32

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 22KB

.lib Size: 512B - Virtual size: 224KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 22KB

.lib
Size: 512B - Virtual size: 224KB