f85654caea2c8918ac6dce786097cccf_JaffaCakes118

General

Target

f85654caea2c8918ac6dce786097cccf_JaffaCakes118
Size

192KB
MD5

f85654caea2c8918ac6dce786097cccf
SHA1

257c81787ce27c27f2362e5875f14ee6ddd263b8
SHA256

e3bfa4353a9a5c3258e3f2b0012075003857d3e1c2e18bfcbe8975a0a998ba99
SHA512

4d4b964af4dad681e5e513e5d4785d437caa006acc5b19aac20f54c00638a428995d063d73f6278588c5eb294f9c2e20cec2f47cc3eb0df9d0956c0d8a7d7509
SSDEEP

3072:y2BtU5tper/fxMEj2GGGFQJXudC1x1mTJ719vxof6w2QfYcOQjG9+MSnhSPXDJMO:y3ibfnjzeXsgxglnxofd2ibe+pnhSfN/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f85654caea2c8918ac6dce786097cccf_JaffaCakes118

Files

f85654caea2c8918ac6dce786097cccf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e8bbf1d9fbb07c3c9feffe718467aac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileTime
GetVersionExW
FileTimeToLocalFileTime
CreateFiber
SetEndOfFile
GetFileType
VerLanguageNameW
TerminateProcess
UnlockFile
FlushFileBuffers
GetFileAttributesA
GetSystemTime
LocalAlloc
EnumResourceNamesA
FileTimeToSystemTime
FlushFileBuffers
IsDBCSLeadByte
GetVolumeInformationW
LockFile
SearchPathW
GetUserDefaultLangID
CompareStringW
GetProfileStringW
FindResourceExA
GetSystemDirectoryW

rpcrt4

RpcBindingFromStringBindingA
RpcBindingSetAuthInfoA
RpcStringBindingComposeA
NdrClientCall
RpcStringFreeA

comctl32

ImageList_Add
ImageList_DrawEx
ImageList_Create
ImageList_GetIconSize
ImageList_Destroy

comdlg32

GetFileTitleA

user32

SetWindowPos
SetWindowsHookExW
DrawEdge
DestroyCursor
SetScrollRange
ClipCursor
DefWindowProcW
GetSysColorBrush
EmptyClipboard
UnhookWindowsHookEx
RegisterClassW
ToAscii
IsClipboardFormatAvailable
RealGetWindowClass
WinHelpW
CallNextHookEx
DestroyIcon
ChildWindowFromPoint
SetClipboardData
GetSysColor

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e8bbf1d9fbb07c3c9feffe718467aac

Headers

File Characteristics

Imports

kernel32

rpcrt4

comctl32

comdlg32

user32

Sections

.text Size: 169KB - Virtual size: 169KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 19KB - Virtual size: 18KB

.tls Size: 512B - Virtual size: 220KB

.text
Size: 169KB - Virtual size: 169KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 19KB - Virtual size: 18KB

.tls
Size: 512B - Virtual size: 220KB