01ae95f72f3b376e69b040c948a6c8f0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

01ae95f72f3b376e69b040c948a6c8f0_JaffaCakes118
Size

540KB
MD5

01ae95f72f3b376e69b040c948a6c8f0
SHA1

f6b7e259e6af97140e8b036811f08b2bc65ed3aa
SHA256

88f627d22a0002a90f5a3ba45e978aa8981e8ab9779d27939a2137ea7454ba16
SHA512

325f2a0a7bba951091e2c646bacb394760244e722487e8e4fddbd09850c96316444579fba40c2c0dd933de780ab19da8ca9fc869129b0068a8df7e6a38de1917
SSDEEP

6144:gbNTTjhnyC/OND+TAHQconU81eXbZAVeporZBwJgZuRhNYIU/H8tsOYnQ9:gbNTxyC2NmAHQfnCZANZTIU/H8tsj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01ae95f72f3b376e69b040c948a6c8f0_JaffaCakes118

Files

01ae95f72f3b376e69b040c948a6c8f0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

447956759280e9c3c6b8586e0e402c02

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winscard

g_rgSCardT1Pci

ntdll

isprint

gdi32

GetDCPenColor
GetTextCharsetInfo

kernel32

SetUserGeoID
PostQueuedCompletionStatus
FindFirstChangeNotificationA
GetModuleHandleA
FlsGetValue
GetLogicalProcessorInformation
SetFileBandwidthReservation

shell32

SHAppBarMessage

netapi32

NetGroupDel

user32

UnionRect

wintrust

CryptCATAdminAcquireContext

advapi32

QueryUsersOnEncryptedFile
SetServiceBits
ObjectPrivilegeAuditAlarmA

urlmon

CreateAsyncBindCtxEx

ntdsapi

DsReplicaGetInfo2W

shlwapi

ChrCmpIA

mprapi

MprConfigInterfaceTransportRemove

msvcrt

vfprintf
fgets

winspool.drv

StartDocPrinterW
AddFormW
OpenPrinterW

wininet

InternetGetCookieW
InternetSetOptionW

rpcrt4

RpcServerUseProtseqW
RpcServerUseProtseqExW

Sections

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 288KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

447956759280e9c3c6b8586e0e402c02

Headers

DLL Characteristics

File Characteristics

Imports

winscard

ntdll

gdi32

kernel32

shell32

netapi32

user32

wintrust

advapi32

urlmon

ntdsapi

shlwapi

mprapi

msvcrt

winspool.drv

wininet

rpcrt4

Sections

.text Size: 164KB - Virtual size: 160KB

.data Size: 288KB - Virtual size: 289KB

.code Size: 60KB - Virtual size: 56KB

.reloc Size: 24KB - Virtual size: 21KB

.text
Size: 164KB - Virtual size: 160KB

.data
Size: 288KB - Virtual size: 289KB

.code
Size: 60KB - Virtual size: 56KB

.reloc
Size: 24KB - Virtual size: 21KB