a14911add72f95c53d4814ac443f3b38_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a14911add72f95c53d4814ac443f3b38_JaffaCakes118
Size

200KB
MD5

a14911add72f95c53d4814ac443f3b38
SHA1

501eecafa76aa9a7c7fc4ea604e4ad430ee2ee47
SHA256

b8a7c9201986ee0c05e2aad5990fd9e67ad13ad5fff5f98c2da56a58f7a3da9c
SHA512

36fa22674721f7aea1eb36c60d6c6a7bef6834a995ea633d2c37d5b8ee66fc4e00eec577598de69a750836b3b8e0d143ce605f1e3b6a95cda75d001abd45d1b4
SSDEEP

3072:OZwK9XqMLkioXUCFGBeXFenWZF7h0oIluj397rkmsOnzLQIOT106eK2:OZ3qA/oCegiFuoIlujZkmsiHQIIuPt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a14911add72f95c53d4814ac443f3b38_JaffaCakes118

Files

a14911add72f95c53d4814ac443f3b38_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e70d0b5e0baa86134f618469cdb1e551

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathIsRootW
PathIsRelativeW
PathStripToRootW
PathIsURLW
PathCanonicalizeW
PathCombineW

kernel32

LockFile
UnlockFile
FileTimeToLocalFileTime
CreateFiberEx
SearchPathW
SetEndOfFile
GetSystemTime
VerLanguageNameW
SetCommConfig
GetVersionExW
CompareStringW
EnumResourceNamesW
GetProfileStringW
GetFileAttributesA
FlushFileBuffers
GetVolumeInformationW
LocalAlloc
FindResourceExA
IsDBCSLeadByte
FlushFileBuffers
GetUserDefaultLangID
FileTimeToSystemTime
GetFileTime
GetFileType
GetSystemDirectoryW

ole32

RevokeDragDrop
ReleaseStgMedium
RegisterDragDrop
CoFreeUnusedLibraries
CoGetClassObject
CoCreateGuid
CoTaskMemAlloc
OleRun
CoTaskMemFree
CreateStreamOnHGlobal
StringFromCLSID
StgOpenStorageOnILockBytes
GetHGlobalFromILockBytes
CLSIDFromString
OleDuplicateData
ProgIDFromCLSID
GetHGlobalFromStream
CoCreateInstance
StgCreateDocfileOnILockBytes
OleRegGetUserType
CoGetMalloc
CLSIDFromProgID
OleGetAutoConvert
CreateILockBytesOnHGlobal

gdi32

CreateFontIndirectA
StrokePath
RoundRect
CreatePen
GetBkColor
GetPath
FlattenPath
ExtCreatePen
AnimatePalette
SetTextColor
SetStretchBltMode
GetBitmapBits
PolyBezier
PlgBlt
SetDIBits

user32

UnhookWindowsHookEx
SetWindowsHookExW
ClipCursor
GetSysColorBrush
DrawEdge
MonitorFromWindow
CallNextHookEx
DestroyIcon
WinHelpW
SetClipboardData
DefWindowProcW
SetScrollRange
EmptyClipboard
ChildWindowFromPoint
IsClipboardFormatAvailable
ToAscii
SetWindowPos
RegisterClassW
DestroyCursor
GetSysColor

rpcrt4

RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
NdrClientCall
RpcStringFreeA

comctl32

ImageList_GetIconSize
ImageList_DrawEx
ImageList_Add
ImageList_Create
ImageList_Destroy

comdlg32

GetFileTitleA

Sections

.text
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e70d0b5e0baa86134f618469cdb1e551

Headers

File Characteristics

Imports

shlwapi

kernel32

ole32

gdi32

user32

rpcrt4

comctl32

comdlg32

Sections

.text Size: 175KB - Virtual size: 174KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 20KB

.lib Size: 512B - Virtual size: 224KB

.text
Size: 175KB - Virtual size: 174KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 20KB

.lib
Size: 512B - Virtual size: 224KB