JaffaCakes118_9811bd67972acf0973b3ccc122a5bcd5

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_9811bd67972acf0973b3ccc122a5bcd5
Size

196KB
MD5

9811bd67972acf0973b3ccc122a5bcd5
SHA1

2f0155a3614c99530f3e4f6036b00a7bc6fbb7b3
SHA256

a4e8adfb9bc4560dc86040dc68df6a8d5421ee5a9dc2949f79e36195bcc75173
SHA512

f94b481c9f95419f314ee9bb552ba7ae9d96517d245ff700e6088b83527be85fdb7fa24f927d856bc7ba8d3b2617479be189d402b181fe3cdc693cb6582c713f
SSDEEP

3072:RXzSuAM+3gPYwwkI0+TJZO58GyZhwwPeHZ+NR8sP0Z8HfqisCC1NZQrs+ivk:RXWjQ3l0vO58xree0Z8HfqLRPZjpM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_9811bd67972acf0973b3ccc122a5bcd5

Files

JaffaCakes118_9811bd67972acf0973b3ccc122a5bcd5
.exe windows:4 windows x86 arch:x86

54e3faf063c1fe53f724ca349b15afe7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathIsURLW
PathCanonicalizeW
PathIsRelativeW
PathStripToRootW
PathIsRootW
PathCombineW

comdlg32

GetFileTitleA

ole32

CreateStreamOnHGlobal
OleDuplicateData
CoTaskMemAlloc
GetHGlobalFromStream
RevokeDragDrop
StringFromCLSID
CoCreateGuid
StgOpenStorageOnILockBytes
CoTaskMemFree
CLSIDFromProgID
CoGetMalloc
CoGetClassObject
StgCreateDocfileOnILockBytes
ProgIDFromCLSID
OleGetAutoConvert
OleRegGetUserType
CoFreeUnusedLibraries
RegisterDragDrop
CoCreateInstance
ReleaseStgMedium
CLSIDFromString
GetHGlobalFromILockBytes
OleRun
CreateILockBytesOnHGlobal

rpcrt4

NdrClientCall
RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcStringFreeA

comctl32

ImageList_GetIconSize
ImageList_DrawEx
ImageList_Add
ImageList_Create
ImageList_Destroy

user32

EmptyClipboard
DestroyIcon
GetSysColorBrush
WinHelpW
ChildWindowFromPoint
ToAscii
SetClipboardData
IsClipboardFormatAvailable
SetWindowPos
CallNextHookEx
SetWindowsHookExW
DefWindowProcW
DestroyCursor
DrawEdge
MonitorFromWindow
UnhookWindowsHookEx
ClipCursor
SetScrollRange
RegisterClassW
GetSysColor

gdi32

StrokePath
SetTextColor
SetStretchBltMode
GetBitmapBits
RoundRect
CreateFontIndirectA
CreatePen
GetPath
GetBkColor
ExtCreatePen
AnimatePalette
FlattenPath
PlgBlt
PolyBezier
SetDIBits

kernel32

CreateFiber
GetFileAttributesA
GetProfileStringW
IsDBCSLeadByte
VerLanguageNameW
SetCommConfig
GetVersionExW
GetFileType
FindResourceExA
GetFileTime
FileTimeToSystemTime
SetEndOfFile
EnumResourceNamesW
FlushFileBuffers
GetUserDefaultLangID
FlushFileBuffers
LocalAlloc
GetVolumeInformationW
GetSystemTime
FileTimeToLocalFileTime
LockFile
SearchPathW
UnlockFile
CompareStringW
GetSystemDirectoryW

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54e3faf063c1fe53f724ca349b15afe7

Headers

File Characteristics

Imports

shlwapi

comdlg32

ole32

rpcrt4

comctl32

user32

gdi32

kernel32

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 25KB - Virtual size: 24KB

.lib Size: 512B - Virtual size: 228KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 25KB - Virtual size: 24KB

.lib
Size: 512B - Virtual size: 228KB