eaef5bf35f8a8b4e9a024d385abb861e_JaffaCakes118

General

Target

eaef5bf35f8a8b4e9a024d385abb861e_JaffaCakes118
Size

205KB
MD5

eaef5bf35f8a8b4e9a024d385abb861e
SHA1

3e74559f50879ecd49b12d966ff67cb3a2af3134
SHA256

e2ce517ae5789088bae3135bd8b29eb5be71409f8036ffd3a7151b0e490ff3a8
SHA512

1bbac3d5c9df9501d316a4439cf28a8f409d37fdacccf404e1a7e7e61e47dc608d5d11c345566f2fe4ba647645e404c57b64af71a0e5ad6ca02ad0582a60f3db
SSDEEP

6144:NtpC09fGg3lfyuWKICrpuxFKitQxEfifHpYz8n:Ntp7hly1M2KitYpfHpC8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eaef5bf35f8a8b4e9a024d385abb861e_JaffaCakes118

Files

eaef5bf35f8a8b4e9a024d385abb861e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

960c51e7f505f8a43d9874d11c2d80ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ToAscii
RealGetWindowClass
DestroyIcon
SetWindowPos
ChildWindowFromPoint
EmptyClipboard
SetClipboardData
RegisterClassW
DrawEdge
CallNextHookEx
IsClipboardFormatAvailable
SetWindowsHookExW
DefWindowProcW
GetSysColorBrush
WinHelpW
SetScrollRange
DestroyCursor
UnhookWindowsHookEx
ClipCursor
GetSysColor

kernel32

GetSystemTime
FlushFileBuffers
CreateFiber
LockFile
SetEndOfFile
GetProfileStringW
TerminateProcess
UnlockFile
GetVolumeInformationW
LocalAlloc
EnumResourceNamesA
GetFileTime
IsDBCSLeadByte
FindResourceExA
FlushFileBuffers
GetVersionExW
SearchPathW
CompareStringW
GetFileType
FileTimeToSystemTime
VerLanguageNameW
FileTimeToLocalFileTime
GetUserDefaultLangID
GetFileAttributesA
GetSystemDirectoryW

comctl32

ImageList_DrawEx
ImageList_Add
ImageList_GetIconSize
ImageList_Create
ImageList_Destroy

comdlg32

GetFileTitleA

rpcrt4

RpcBindingFromStringBindingA
NdrClientCall
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcStringFreeA

Sections

.text
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

960c51e7f505f8a43d9874d11c2d80ee

Headers

File Characteristics

Imports

user32

kernel32

comctl32

comdlg32

rpcrt4

Sections

.text Size: 181KB - Virtual size: 180KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 21KB - Virtual size: 20KB

.tls Size: 512B - Virtual size: 92KB

.text
Size: 181KB - Virtual size: 180KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 21KB - Virtual size: 20KB

.tls
Size: 512B - Virtual size: 92KB