f3d5bb873a19e23a6e7b6db9737411d8_JaffaCakes118

General

Target

f3d5bb873a19e23a6e7b6db9737411d8_JaffaCakes118
Size

179KB
MD5

f3d5bb873a19e23a6e7b6db9737411d8
SHA1

93477fec59e1e3c689a98f576dcd84a2f3eb2adf
SHA256

e1988e0421ae089847dde234008e091b54d58f54c1ae663dd6c521c7d5a8e945
SHA512

2fd719d9a246d8a4e538d26cf58e7b61e27a4ce9cc8fd4d76d5332a8dc3bde82b78bcab8a3e2e6b2ba0f5803f6f76497e4d7cbd5eeaf1094f943d2784a899b91
SSDEEP

3072:U6kGMVrSa8XbK5R4H3XSp7FyosqblHa7dGdl3NhJuwLQp6lyFV8aM2iU96:U6pMd38XbeR4HsJhbl67dGrXJVlqZXiU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3d5bb873a19e23a6e7b6db9737411d8_JaffaCakes118

Files

f3d5bb873a19e23a6e7b6db9737411d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b8b7ff0d89bcc0b953a72b43e02bead

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

CallNextHookEx
ToAscii
IsClipboardFormatAvailable
DrawEdge
SetScrollRange
WinHelpW
RegisterClassW
ClipCursor
RealGetWindowClass
EmptyClipboard
DefWindowProcW
DestroyCursor
ChildWindowFromPoint
SetClipboardData
DestroyIcon
SetWindowPos
SetWindowsHookExW
GetSysColorBrush
UnhookWindowsHookEx
GetSysColor

kernel32

GetFileAttributesA
LockFile
CreateFiber
GetFileType
LocalAlloc
TerminateProcess
IsDBCSLeadByte
FileTimeToSystemTime
FlushFileBuffers
SetEndOfFile
GetSystemTime
GetVolumeInformationW
GetVersionExW
EnumResourceNamesA
FlushFileBuffers
GetProfileStringW
FindResourceExA
VerLanguageNameW
UnlockFile
FileTimeToLocalFileTime
SearchPathW
GetFileTime
CompareStringW
GetUserDefaultLangID
GetSystemDirectoryW

rpcrt4

RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
NdrClientCall
RpcStringFreeA

comdlg32

GetFileTitleA

comctl32

ImageList_GetIconSize
ImageList_Add
ImageList_Create
ImageList_DrawEx
ImageList_Destroy

Sections

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b8b7ff0d89bcc0b953a72b43e02bead

Headers

File Characteristics

Imports

user32

kernel32

rpcrt4

comdlg32

comctl32

Sections

.text Size: 155KB - Virtual size: 155KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 20KB - Virtual size: 20KB

.tls Size: 512B - Virtual size: 76KB

.text
Size: 155KB - Virtual size: 155KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 20KB - Virtual size: 20KB

.tls
Size: 512B - Virtual size: 76KB