c563736c91d85771c5f0f69e34377a39_JaffaCakes118

General

Target

c563736c91d85771c5f0f69e34377a39_JaffaCakes118
Size

189KB
MD5

c563736c91d85771c5f0f69e34377a39
SHA1

9a4fce814020686662d5efe6d703319e367140cf
SHA256

e656c8fcffe3d4d8aa4702dd9dd313cee0af4e6192f0551751bb72b55e075eb6
SHA512

996eb8e63b3f55cd5820275e81a0772355be3db9bf2c4f93a5b500c1033afd15120fa9e05c0a72fbbd2e9fea2fd5e9c17d442a258c31b1bb6c5dd71b4fa26bb6
SSDEEP

3072:HmBOfy3tLGb8uCzMkNxbwzVyUsSxowgVpYWjshXX99DKGavdoZP6n6i:Zfy3tLaCzjPWVrOxaKGavWZP6n6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c563736c91d85771c5f0f69e34377a39_JaffaCakes118

Files

c563736c91d85771c5f0f69e34377a39_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31465c8ac32ded57a2e54e3d11619000

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

DestroyIcon
CallNextHookEx
SetScrollRange
WinHelpW
ToAscii
GetSysColorBrush
ClipCursor
ChildWindowFromPoint
SetClipboardData
DefWindowProcW
SetWindowsHookExW
SetWindowPos
EmptyClipboard
UnhookWindowsHookEx
DrawEdge
DestroyCursor
RegisterClassW
RealGetWindowClass
IsClipboardFormatAvailable
GetSysColor

comdlg32

GetFileTitleA

kernel32

CreateFiber
GetProfileStringW
UnlockFile
SetEndOfFile
GetUserDefaultLangID
FlushFileBuffers
TerminateProcess
CompareStringW
IsDBCSLeadByte
LocalAlloc
FileTimeToLocalFileTime
GetFileAttributesA
GetFileType
EnumResourceNamesA
SearchPathW
LockFile
GetSystemTime
FlushFileBuffers
VerLanguageNameW
GetVolumeInformationW
FindResourceExA
FileTimeToSystemTime
GetFileTime
GetVersionExW
GetSystemDirectoryW

rpcrt4

NdrClientCall
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
RpcStringFreeA

Sections

.text
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31465c8ac32ded57a2e54e3d11619000

Headers

File Characteristics

Imports

user32

comdlg32

kernel32

rpcrt4

Sections

.text Size: 166KB - Virtual size: 165KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 20KB - Virtual size: 19KB

.tls Size: 512B - Virtual size: 80KB

.text
Size: 166KB - Virtual size: 165KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 20KB - Virtual size: 19KB

.tls
Size: 512B - Virtual size: 80KB