JaffaCakes118_2f31dde56f29afee636fd32b20a0736b

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_2f31dde56f29afee636fd32b20a0736b
Size

201KB
MD5

2f31dde56f29afee636fd32b20a0736b
SHA1

682cc264764a083883f79258bb9baca1ba41e51f
SHA256

672e0b51f10c39a7ea11648ceb1021f0029d6043107a080ee230165b16afa6f5
SHA512

fa3d0b9acb2f8374db1ca85f61b3cac3970d04ff8843c0f2c54b094cecb68fbef4a41b1f7448ba9bd9734069728ba9212c4f8022632b70ecea5e44e662b3e868
SSDEEP

6144:r5VGHD1WEItzn+W8fbWtJghxEJhcHqjci1:WHD1tTWTghUhcKjc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_2f31dde56f29afee636fd32b20a0736b

Files

JaffaCakes118_2f31dde56f29afee636fd32b20a0736b
.exe windows:4 windows x86 arch:x86

c7cf105154743d24988145d4b93e4976

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

CLSIDFromProgID
ProgIDFromCLSID
RegisterDragDrop
CoFreeUnusedLibraries
ReleaseStgMedium
CoCreateGuid
CoTaskMemFree
CoGetClassObject
OleDuplicateData
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
GetHGlobalFromILockBytes
CoCreateInstance
CoGetMalloc
RevokeDragDrop
OleGetAutoConvert
OleRun
StringFromCLSID
GetHGlobalFromStream
OleRegGetUserType
CoTaskMemAlloc
CLSIDFromString
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal

rpcrt4

RpcStringBindingComposeA
RpcBindingSetAuthInfoA
NdrClientCall
RpcBindingFromStringBindingA
RpcStringFreeA

user32

GetSysColorBrush
DrawEdge
DefWindowProcW
MonitorFromWindow
IsClipboardFormatAvailable
UnhookWindowsHookEx
SetWindowsHookExW
SetClipboardData
DestroyCursor
WinHelpW
RegisterClassW
ChildWindowFromPoint
ClipCursor
CallNextHookEx
SetWindowPos
ToAscii
DestroyIcon
EmptyClipboard
SetScrollRange
GetSysColor

gdi32

SetStretchBltMode
GetBkColor
GetPath
GetBitmapBits
PolyBezier
CreateFontIndirectA
AnimatePalette
CreatePen
FlattenPath
StrokePath
SetTextColor
PlgBlt
RoundRect
ExtCreatePen
SetDIBits

shlwapi

PathStripToRootW
PathIsRootW
PathIsRelativeW
PathCanonicalizeW
PathIsURLW
PathCombineW

kernel32

IsDBCSLeadByte
CreateFiber
LocalAlloc
GetProfileStringW
FileTimeToLocalFileTime
GetVolumeInformationW
GetFileType
SetCommConfig
CompareStringW
SetEndOfFile
EnumResourceNamesW
GetSystemTime
UnlockFile
GetUserDefaultLangID
VerLanguageNameW
LockFile
SearchPathW
FlushFileBuffers
GetFileTime
GetVersionExW
FindResourceExA
FlushFileBuffers
GetFileAttributesA
FileTimeToSystemTime
GetSystemDirectoryW

comdlg32

GetFileTitleA

comctl32

ImageList_Create
ImageList_GetIconSize
ImageList_Add
ImageList_DrawEx
ImageList_Destroy

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7cf105154743d24988145d4b93e4976

Headers

File Characteristics

Imports

ole32

rpcrt4

user32

gdi32

shlwapi

kernel32

comdlg32

comctl32

Sections

.text Size: 183KB - Virtual size: 183KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 13KB - Virtual size: 13KB

.lib Size: 512B - Virtual size: 224KB

.text
Size: 183KB - Virtual size: 183KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 13KB - Virtual size: 13KB

.lib
Size: 512B - Virtual size: 224KB