Static task
static1
Behavioral task
behavioral1
Sample
ed2fcb0bc3b65d6f840ba611e2be55b4_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
ed2fcb0bc3b65d6f840ba611e2be55b4_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
ed2fcb0bc3b65d6f840ba611e2be55b4_JaffaCakes118
Size
192KB
MD5
ed2fcb0bc3b65d6f840ba611e2be55b4
SHA1
92e5abd7e2471e0be1c7ebad94e3807e1fd41af1
SHA256
b0a61d568f7635678cad356aef511442ecf9d731b2c4e8459f1f0b7f100b4c18
SHA512
e2f0cbbe46409a9db3975aa140f51f9b44f1bd9dea2b05827e7bb3f97432706955531d08c491fe79bd2845e8ab3970b90dc411b595bc5f58ef6984e984ee94e7
SSDEEP
3072:/38tXegDkbOV3qtWoyjjcYX1/E/eWfiUd6Q6QOO2j/DW6kNXHQi3JM0xJiR2mpc7:/WO5SV30/YlSeWaALPOO2ji6ajJM0A2l
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ed2fcb0bc3b65d6f840ba611e2be55b4_JaffaCakes118
Files
ed2fcb0bc3b65d6f840ba611e2be55b4_JaffaCakes118.exe windows:4 windows x86 arch:x86
b0fd7d6bdc3033fd466a1dec6b1b5eca
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
comctl32
ImageList_Add
ImageList_DrawEx
ImageList_Create
ImageList_GetIconSize
ImageList_Destroy
kernel32
CreateFiber
SearchPathW
GetVersionExW
LocalAlloc
IsDBCSLeadByte
SetCommConfig
UnlockFile
FileTimeToLocalFileTime
GetFileAttributesA
GetSystemTime
EnumResourceNamesW
GetUserDefaultLangID
FindResourceExA
GetProfileStringW
GetVolumeInformationW
VerLanguageNameW
FlushFileBuffers
GetFileType
FileTimeToSystemTime
GetFileTime
LockFile
SetEndOfFile
CompareStringW
FlushFileBuffers
GetSystemDirectoryW
ole32
OleGetAutoConvert
CoGetMalloc
StgOpenStorageOnILockBytes
RegisterDragDrop
CoGetClassObject
CoTaskMemAlloc
CoCreateGuid
StgCreateDocfileOnILockBytes
GetHGlobalFromILockBytes
CoCreateInstance
CreateStreamOnHGlobal
OleDuplicateData
CLSIDFromString
ProgIDFromCLSID
OleRegGetUserType
ReleaseStgMedium
GetHGlobalFromStream
CoTaskMemFree
CLSIDFromProgID
CoFreeUnusedLibraries
RevokeDragDrop
StringFromCLSID
OleRun
CreateILockBytesOnHGlobal
shlwapi
PathIsRelativeW
PathIsRootW
PathStripToRootW
PathCanonicalizeW
PathIsURLW
PathCombineW
rpcrt4
RpcBindingSetAuthInfoA
RpcStringBindingComposeA
NdrClientCall
RpcBindingFromStringBindingA
RpcStringFreeA
gdi32
CreateFontIndirectA
GetBitmapBits
FlattenPath
StrokePath
PolyBezier
GetBkColor
CreatePen
ExtCreatePen
SetTextColor
AnimatePalette
RoundRect
PlgBlt
GetPath
SetStretchBltMode
SetDIBits
comdlg32
GetFileTitleA
user32
DefWindowProcW
SetClipboardData
MonitorFromWindow
WinHelpW
ClipCursor
SetWindowPos
GetSysColorBrush
IsClipboardFormatAvailable
SetWindowsHookExW
DrawEdge
CallNextHookEx
RegisterClassW
UnhookWindowsHookEx
SetScrollRange
EmptyClipboard
ChildWindowFromPoint
DestroyIcon
DestroyCursor
ToAscii
GetSysColor
Sections
.text Size: 166KB - Virtual size: 165KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lib Size: 512B - Virtual size: 220KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ