JaffaCakes118_3f4aea137a6c86af53be44b9c1179ef6

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_3f4aea137a6c86af53be44b9c1179ef6
Size

193KB
MD5

3f4aea137a6c86af53be44b9c1179ef6
SHA1

4d366203ee53c1eb909ed343c6c5fbf325390321
SHA256

cfb6197299fa740c6ca39f57f672f488d9b594a0b21c4f137b849ee75a8741ee
SHA512

cdc662b66deff6d7bccf5e0e5a3aa9cd082691cd36f154c6386a0cc563d445f2c667d115df935bf79cef3649977072521131da1aff7a8f8371a76947d78c894d
SSDEEP

6144:djVCVlgK897w+wEdv4XAMPvPjBujMOZHoomy/vFEYV:dgVlgK897wEF4XnPvPltOComq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3f4aea137a6c86af53be44b9c1179ef6

Files

JaffaCakes118_3f4aea137a6c86af53be44b9c1179ef6
.exe windows:4 windows x86 arch:x86

da21828937ec50e626b190978b39696b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

NdrClientCall
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
RpcStringFreeA

comctl32

ImageList_Add
ImageList_Create
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Destroy

shlwapi

PathStripToRootW
PathIsRelativeW
PathIsRootW
PathCanonicalizeW
PathIsURLW
PathCombineW

comdlg32

GetFileTitleA

user32

DestroyIcon
DrawEdge
RegisterClassW
SetWindowPos
DestroyCursor
ClipCursor
UnhookWindowsHookEx
SetWindowsHookExW
DefWindowProcW
WinHelpW
SetClipboardData
IsClipboardFormatAvailable
MonitorFromWindow
CallNextHookEx
ToAscii
GetSysColorBrush
ChildWindowFromPoint
SetScrollRange
EmptyClipboard
GetSysColor

kernel32

GetUserDefaultLangID
CreateFiber
GetVersionExW
GetVolumeInformationW
CompareStringW
GetSystemTime
SetEndOfFile
LocalAlloc
WriteFileGather
UnlockFile
FileTimeToLocalFileTime
EnumResourceNamesW
VerLanguageNameW
FileTimeToSystemTime
IsDBCSLeadByte
GetFileAttributesA
FlushFileBuffers
GetFileType
SearchPathW
LockFile
FindResourceExA
GetProfileStringW
GetFileTime
FlushFileBuffers
GetSystemDirectoryW

ole32

CoGetClassObject
StgCreateDocfileOnILockBytes
RegisterDragDrop
CLSIDFromProgID
CoFreeUnusedLibraries
GetHGlobalFromILockBytes
GetHGlobalFromStream
CoTaskMemAlloc
CLSIDFromString
CreateStreamOnHGlobal
CoCreateGuid
ReleaseStgMedium
CoGetMalloc
OleRun
StgOpenStorageOnILockBytes
StringFromCLSID
CoTaskMemFree
ProgIDFromCLSID
CoCreateInstance
OleRegGetUserType
OleDuplicateData
OleGetAutoConvert
RevokeDragDrop
CreateILockBytesOnHGlobal

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da21828937ec50e626b190978b39696b

Headers

File Characteristics

Imports

rpcrt4

comctl32

shlwapi

comdlg32

user32

kernel32

ole32

Sections

.text Size: 174KB - Virtual size: 173KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 15KB - Virtual size: 14KB

.lib Size: 512B - Virtual size: 220KB

.text
Size: 174KB - Virtual size: 173KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 15KB - Virtual size: 14KB

.lib
Size: 512B - Virtual size: 220KB