JaffaCakes118_43637c0470106556c2e969bafdb517db

General

Target

JaffaCakes118_43637c0470106556c2e969bafdb517db
Size

194KB
MD5

43637c0470106556c2e969bafdb517db
SHA1

8b36ae3091a3ae064b89cff4dd3fec9c354d3e40
SHA256

e6228850469d1423f3092a825d45445eb30c7d54ba221a05a6863e90f073e17b
SHA512

4e40a86c6f7d241fc21c4092b8b1c9d5d1a36f33b98f533a28003f8fdf2fe374d3af3b99f569cca0e9fe92c7e3096d58a6653396c7d04da5a43148065222b3cb
SSDEEP

6144:cw7+XkcRxvZojEW0wH0BH5NKYjoLm5hHTyLHbKVAyE:1+XkcHijD/H6LdmmLOL7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_43637c0470106556c2e969bafdb517db

Files

JaffaCakes118_43637c0470106556c2e969bafdb517db
.exe windows:4 windows x86 arch:x86

8a2586c39ec4b0ce07fa0dc4139edaa3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathIsRootW
PathIsRelativeW
PathCanonicalizeW
PathStripToRootW
PathIsURLW
PathCombineW

kernel32

CreateFiber
IsDBCSLeadByte
FlushFileBuffers
CompareStringW
FileTimeToLocalFileTime
FindResourceExA
WriteFileGather
SearchPathW
GetVolumeInformationW
GetFileType
GetProfileStringW
GetVersionExW
VerLanguageNameW
EnumResourceNamesW
GetFileAttributesA
FileTimeToSystemTime
FlushFileBuffers
GetFileTime
UnlockFile
LockFile
GetSystemTime
SetEndOfFile
GetUserDefaultLangID
LocalAlloc
GetSystemDirectoryW

comdlg32

GetFileTitleA

user32

WinHelpW
SetWindowPos
EmptyClipboard
SetWindowsHookExW
CallNextHookEx
GetSysColorBrush
MonitorFromWindow
UnhookWindowsHookEx
IsClipboardFormatAvailable
DestroyCursor
SetScrollRange
DestroyIcon
SetClipboardData
DrawEdge
ChildWindowFromPoint
RegisterClassW
ClipCursor
DefWindowProcW
ToAscii
GetSysColor

comctl32

ImageList_Add
ImageList_Create
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Destroy

rpcrt4

RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
RpcStringBindingComposeA
NdrClientCall
RpcStringFreeA

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a2586c39ec4b0ce07fa0dc4139edaa3

Headers

File Characteristics

Imports

shlwapi

kernel32

comdlg32

user32

comctl32

rpcrt4

Sections

.text Size: 177KB - Virtual size: 177KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 12KB

.lib Size: 512B - Virtual size: 216KB

.text
Size: 177KB - Virtual size: 177KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 12KB

.lib
Size: 512B - Virtual size: 216KB