JaffaCakes118_6a934cebdad405e11ca1883bc620069b

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6a934cebdad405e11ca1883bc620069b
Size

206KB
MD5

6a934cebdad405e11ca1883bc620069b
SHA1

37e5f2c797f375aebe4fb2795adba1bf71b15735
SHA256

e49ea3ce4c862db5e507cfb2ab55c469dc14c050721c18ca11fd071ab9c28f63
SHA512

f7fb32930bc163970c48d1234dffbed39f29ff2026e1aa0e5ee46efb4dbb61442850a6b5215bea32dde14ab896b1165b4292260973c265b0012844c29c01fb4e
SSDEEP

6144:pI/9zgWclaAr9sMd+s/t5Ud9VxGFkWhY9A/BU3e:pI/RgWclaApD/t5uuFk9SU3e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6a934cebdad405e11ca1883bc620069b

Files

JaffaCakes118_6a934cebdad405e11ca1883bc620069b
.exe windows:4 windows x86 arch:x86

115ee44ec15dc79e708f1b78401edc81

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathCanonicalizeW
PathIsRelativeW
PathStripToRootW
PathIsURLW
PathIsRootW
PathCombineW

comctl32

ImageList_GetIconSize
ImageList_Add
ImageList_DrawEx
ImageList_Create
ImageList_Destroy

rpcrt4

RpcBindingSetAuthInfoA
NdrClientCall
RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcStringFreeA

comdlg32

GetFileTitleA

ole32

CLSIDFromProgID
CreateStreamOnHGlobal
CoCreateInstance
OleRun
ProgIDFromCLSID
StringFromCLSID
CoTaskMemFree
RegisterDragDrop
GetHGlobalFromStream
ReleaseStgMedium
OleGetAutoConvert
RevokeDragDrop
CoCreateGuid
GetHGlobalFromILockBytes
CoFreeUnusedLibraries
CoGetClassObject
CoGetMalloc
CLSIDFromString
CoTaskMemAlloc
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleDuplicateData
OleRegGetUserType
CreateILockBytesOnHGlobal

kernel32

GetSystemTime
CreateFiber
SetEndOfFile
GetFileAttributesA
GetFileType
LocalAlloc
GetVolumeInformationW
WriteFileGather
LockFile
CompareStringW
FileTimeToLocalFileTime
EnumResourceNamesW
UnlockFile
SearchPathW
FlushFileBuffers
GetProfileStringW
IsDBCSLeadByte
FlushFileBuffers
GetFileTime
GetVersionExW
VerLanguageNameW
GetUserDefaultLangID
FileTimeToSystemTime
FindResourceExA
GetSystemDirectoryW

user32

ToAscii
EmptyClipboard
GetSysColorBrush
RegisterClassW
ChildWindowFromPoint
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
IsClipboardFormatAvailable
DestroyIcon
WinHelpW
ClipCursor
SetClipboardData
MonitorFromWindow
DefWindowProcW
SetWindowPos
DestroyCursor
DrawEdge
SetScrollRange
GetSysColor

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

115ee44ec15dc79e708f1b78401edc81

Headers

File Characteristics

Imports

shlwapi

comctl32

rpcrt4

comdlg32

ole32

kernel32

user32

Sections

.text Size: 179KB - Virtual size: 179KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 22KB

.lib Size: 512B - Virtual size: 96KB

.text
Size: 179KB - Virtual size: 179KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 22KB

.lib
Size: 512B - Virtual size: 96KB