JaffaCakes118_296520575eeb4dbee45deeccfcce79b1

General

Target

JaffaCakes118_296520575eeb4dbee45deeccfcce79b1
Size

191KB
MD5

296520575eeb4dbee45deeccfcce79b1
SHA1

95838860d9ca9d8b1a3f3bb53033b8a4da722295
SHA256

e7fa61b05ede78ebedbd911f96b3e67a0cc8828f09d46d4c565947db3fe03fa2
SHA512

5cb2fea514bdaaf6a58baf7e420ef5657abc6fab16691479067748dd12274763d69159c40957e682c3f2ef8279ff182e41775fc2bf5a2b9912515c4269cd3a12
SSDEEP

3072:ZLqJo6U4ednAQOYYFuWNHXeVbKqxTH3bYKBICyAlNRGGg07UIvqB2nCzrkk/:lq24zQOYqx34D9kKBIC5lDAAUI2Iq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_296520575eeb4dbee45deeccfcce79b1

Files

JaffaCakes118_296520575eeb4dbee45deeccfcce79b1
.exe windows:4 windows x86 arch:x86

0dcde7e34783f8a6f3971768ed53bc62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileTime
CreateFiber
UnlockFile
GetProfileStringW
FileTimeToSystemTime
VerLanguageNameW
GetVersionExW
GetUserDefaultLangID
TerminateProcess
SearchPathW
FileTimeToLocalFileTime
GetFileAttributesA
FlushFileBuffers
EnumResourceNamesA
IsDBCSLeadByte
GetVolumeInformationW
GetFileType
FlushFileBuffers
GetSystemTime
CompareStringW
LockFile
SetEndOfFile
LocalAlloc
FindResourceExA
GetSystemDirectoryW

comdlg32

GetFileTitleA

comctl32

ImageList_GetIconSize
ImageList_Add
ImageList_DrawEx
ImageList_Create
ImageList_Destroy

user32

IsClipboardFormatAvailable
RegisterClassW
WinHelpW
DrawEdge
SetClipboardData
ToAscii
SetScrollRange
DestroyCursor
UnhookWindowsHookEx
CallNextHookEx
DefWindowProcW
EmptyClipboard
SetWindowPos
SetWindowsHookExW
GetSysColorBrush
ChildWindowFromPoint
ClipCursor
DestroyIcon
RealGetWindowClass
GetSysColor

rpcrt4

RpcBindingFromStringBindingA
NdrClientCall
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcStringFreeA

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dcde7e34783f8a6f3971768ed53bc62

Headers

File Characteristics

Imports

kernel32

comdlg32

comctl32

user32

rpcrt4

Sections

.text Size: 169KB - Virtual size: 169KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 18KB - Virtual size: 18KB

.tls Size: 512B - Virtual size: 220KB

.text
Size: 169KB - Virtual size: 169KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 18KB - Virtual size: 18KB

.tls
Size: 512B - Virtual size: 220KB