JaffaCakes118_78c77e8587b92a63d03af01b2388e096

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_78c77e8587b92a63d03af01b2388e096
Size

191KB
MD5

78c77e8587b92a63d03af01b2388e096
SHA1

00a5ad7fa8324f108d5fa365ff70e134d2ee0635
SHA256

e1dc02247fc9aecb076be6a87aa27b63a8936dc7dab580de8b20d4da3758d78b
SHA512

3c325129733ab1a307a3dc6cf2ce8da3046a83e72c43870acb2fff2af0475947ff6bb6c00efb5898e349d2f627a898ff8b4bdb8413973478661b5a0320057e9d
SSDEEP

3072:MCiBLeIWxDLLDAgu8GCo2r4I1vHHt9jJKyc7/SdvyzBdVOVrvGMJIE/woZ:MC0eHLLD9u8GGrr1v3jwxPs9v/J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_78c77e8587b92a63d03af01b2388e096

Files

JaffaCakes118_78c77e8587b92a63d03af01b2388e096
.exe windows:4 windows x86 arch:x86

679732d16434919853ac3dbbdf121737

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathCanonicalizeW
PathIsRelativeW
PathIsURLW
PathStripToRootW
PathIsRootW
PathCombineW

ole32

CoCreateInstance
CoGetMalloc
RevokeDragDrop
CreateStreamOnHGlobal
CLSIDFromString
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
OleDuplicateData
CLSIDFromProgID
ProgIDFromCLSID
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
OleRegGetUserType
StringFromCLSID
GetHGlobalFromStream
CoTaskMemFree
RegisterDragDrop
CoGetClassObject
CoTaskMemAlloc
OleGetAutoConvert
OleRun
ReleaseStgMedium
CoCreateGuid
CreateILockBytesOnHGlobal

comctl32

ImageList_DrawEx
ImageList_Create
ImageList_GetIconSize
ImageList_Add
ImageList_Destroy

gdi32

PlgBlt
GetBitmapBits
RoundRect
GetPath
StrokePath
SetTextColor
GetBkColor
PolyBezier
ExtCreatePen
CreateFontIndirectA
FlattenPath
CreatePen
AnimatePalette
SetStretchBltMode
SetDIBits

kernel32

CreateFiber
GetFileAttributesA
LockFile
GetVolumeInformationW
GetUserDefaultLangID
FileTimeToLocalFileTime
GetFileType
IsDBCSLeadByte
SetCommConfig
SearchPathW
FindResourceExA
GetFileTime
EnumResourceNamesW
GetVersionExW
UnlockFile
FlushFileBuffers
GetSystemTime
FlushFileBuffers
FileTimeToSystemTime
GetProfileStringW
SetEndOfFile
VerLanguageNameW
CompareStringW
LocalAlloc
GetSystemDirectoryW

comdlg32

GetFileTitleA

user32

CallNextHookEx
GetSysColorBrush
DrawEdge
SetClipboardData
EmptyClipboard
RegisterClassW
SetWindowsHookExW
SetScrollRange
DestroyCursor
DestroyIcon
ChildWindowFromPoint
IsClipboardFormatAvailable
WinHelpW
SetWindowPos
ToAscii
MonitorFromWindow
ClipCursor
UnhookWindowsHookEx
DefWindowProcW
GetSysColor

rpcrt4

RpcBindingSetAuthInfoA
NdrClientCall
RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcStringFreeA

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

679732d16434919853ac3dbbdf121737

Headers

File Characteristics

Imports

shlwapi

ole32

comctl32

gdi32

kernel32

comdlg32

user32

rpcrt4

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 20KB

.lib Size: 512B - Virtual size: 220KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 20KB

.lib
Size: 512B - Virtual size: 220KB