Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_5787714b5e0d7a8637009e5dd6a91a58.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_5787714b5e0d7a8637009e5dd6a91a58.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_5787714b5e0d7a8637009e5dd6a91a58
Size: 187KB
MD5: 5787714b5e0d7a8637009e5dd6a91a58
SHA1: 549626c9602412bcd27712c44531ced2ed443200
SHA256: 0d6bfde6fd87862c17ec21189950d9bf07b51793c704023f717129ec65b367e6
SHA512: 0445fdfcc8a5c4963c7fd63f4b145bb55cdcc74f9972340b548b9b4cda51807724d9898e3846a1d300ef59be776dab71c14466e24b8a6dd6c770f5c66e7c03b4
SSDEEP: 3072:is04FXKn40nNqekDdjvb9Eo7JjMe6i6V68fh0bSaJQtBZ2FoAEzuFKjVf1SF1KxB:isfFSqekDdVEo7Jj76lfOQtDYEq98x/5
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: JaffaCakes118_5787714b5e0d7a8637009e5dd6a91a58
Files
JaffaCakes118_5787714b5e0d7a8637009e5dd6a91a58.exe windows:4 windows x86 arch:x86
23f8b6a9a486eb3556ae45ad66198451
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
rpcrt4
NdrClientCall
RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcStringFreeA
shlwapi
PathStripToRootW
PathCanonicalizeW
PathIsURLW
PathIsRelativeW
PathIsRootW
PathCombineW
gdi32
ExtCreatePen
PlgBlt
StrokePath
GetPath
RoundRect
CreateFontIndirectA
CreatePen
PolyBezier
SetStretchBltMode
AnimatePalette
GetBkColor
SetTextColor
GetBitmapBits
FlattenPath
SetDIBits
kernel32
GetVolumeInformationW
CreateFiber
LocalAlloc
GetProfileStringW
GetFileAttributesA
SetCommConfig
FlushFileBuffers
GetVersionExW
FileTimeToLocalFileTime
SearchPathW
CompareStringW
EnumResourceNamesW
VerLanguageNameW
GetSystemTime
UnlockFile
SetEndOfFile
FindResourceExA
FlushFileBuffers
LockFile
IsDBCSLeadByte
FileTimeToSystemTime
GetUserDefaultLangID
GetFileTime
GetFileType
GetSystemDirectoryW
comctl32
ImageList_Create
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Add
ImageList_Destroy
ole32
RegisterDragDrop
CLSIDFromProgID
StringFromCLSID
RevokeDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
GetHGlobalFromStream
ProgIDFromCLSID
CoCreateGuid
CLSIDFromString
CoFreeUnusedLibraries
OleDuplicateData
CoTaskMemFree
OleGetAutoConvert
CoCreateInstance
ReleaseStgMedium
CoTaskMemAlloc
OleRun
CoGetMalloc
OleRegGetUserType
CreateStreamOnHGlobal
GetHGlobalFromILockBytes
CoGetClassObject
CreateILockBytesOnHGlobal
comdlg32
GetFileTitleA
user32
DrawEdge
DefWindowProcW
SetClipboardData
ClipCursor
ToAscii
EmptyClipboard
ChildWindowFromPoint
WinHelpW
CallNextHookEx
GetSysColorBrush
MonitorFromWindow
DestroyCursor
SetWindowsHookExW
SetWindowPos
SetScrollRange
UnhookWindowsHookEx
DestroyIcon
RegisterClassW
IsClipboardFormatAvailable
GetSysColor
Sections
.text Size: 167KB - Virtual size: 166KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lib Size: 512B - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ