ded0460084c7687e861fecd6559047f9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ded0460084c7687e861fecd6559047f9_JaffaCakes118
Size

193KB
MD5

ded0460084c7687e861fecd6559047f9
SHA1

121c37224fd8f4394a832d0552bd14a4270a0beb
SHA256

b7561ee2a61654641afc2546cc8bfca40bc2ed030aa4580db0c0ff247e1633a9
SHA512

d6b229f3c133f8036d614ddc368b4746fa99804e85b698bf20f5fb4a2394dd0e316c6cc3a1fc863f7288a4b32381e9dfa15e9ce8a146660c79888f63f99421bb
SSDEEP

3072:AzWeAhH7QL/88Ym98FaUBEzU57C3CuTvd+0QYiu46AAFEq3RA2yROF:AaTsL/ZD+Nu7CEVNQYnvAAFlBac

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ded0460084c7687e861fecd6559047f9_JaffaCakes118

Files

ded0460084c7687e861fecd6559047f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77874600825cb9e23dc37d6279576aaa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

comdlg32

GetFileTitleA

comctl32

ImageList_Create
ImageList_DrawEx
ImageList_Add
ImageList_GetIconSize
ImageList_Destroy

user32

SetWindowPos
GetSysColorBrush
IsClipboardFormatAvailable
DestroyCursor
SetWindowsHookExW
DefWindowProcW
EmptyClipboard
SetClipboardData
UnhookWindowsHookEx
ClipCursor
RegisterClassW
WinHelpW
CallNextHookEx
ToAscii
ChildWindowFromPoint
MonitorFromWindow
DrawEdge
DestroyIcon
SetScrollRange
GetSysColor

shlwapi

PathCanonicalizeW
PathIsURLW
PathIsRelativeW
PathStripToRootW
PathIsRootW
PathCombineW

ole32

CoCreateGuid
CLSIDFromString
CoFreeUnusedLibraries
CoGetMalloc
CreateStreamOnHGlobal
OleRegGetUserType
CoTaskMemAlloc
RegisterDragDrop
RevokeDragDrop
OleRun
ProgIDFromCLSID
StringFromCLSID
CoTaskMemFree
OleGetAutoConvert
CLSIDFromProgID
GetHGlobalFromILockBytes
CoCreateInstance
StgOpenStorageOnILockBytes
CoGetClassObject
GetHGlobalFromStream
OleDuplicateData
StgCreateDocfileOnILockBytes
ReleaseStgMedium
CreateILockBytesOnHGlobal

rpcrt4

RpcStringBindingComposeA
NdrClientCall
RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
RpcStringFreeA

kernel32

LockFile
GetVersionExW
CreateFiber
SearchPathW
GetUserDefaultLangID
VerLanguageNameW
FileTimeToSystemTime
IsDBCSLeadByte
WriteFileGather
GetVolumeInformationW
FindResourceExA
EnumResourceNamesW
FlushFileBuffers
CompareStringW
FlushFileBuffers
GetFileAttributesA
UnlockFile
GetFileType
GetSystemTime
GetProfileStringW
LocalAlloc
FileTimeToLocalFileTime
GetFileTime
SetEndOfFile
GetSystemDirectoryW

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77874600825cb9e23dc37d6279576aaa

Headers

File Characteristics

Imports

comdlg32

comctl32

user32

shlwapi

ole32

rpcrt4

kernel32

Sections

.text Size: 169KB - Virtual size: 169KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 19KB - Virtual size: 18KB

.lib Size: 512B - Virtual size: 220KB

.text
Size: 169KB - Virtual size: 169KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 19KB - Virtual size: 18KB

.lib
Size: 512B - Virtual size: 220KB