056d63c65af6c3b6af1d96d94f142f8c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

056d63c65af6c3b6af1d96d94f142f8c_JaffaCakes118
Size

2.1MB
MD5

056d63c65af6c3b6af1d96d94f142f8c
SHA1

c444440e3cbf9e773e22860a727e6b1dce55dc8f
SHA256

a9184ac1bf9e23372f45165fee19445a7d631a4f250ae666cc9a7f14f0538c8e
SHA512

541bd6727eef8c501ffcf5fdfb4d8a0f690abaff9551fd71ebaf16bc547d474bfcd97dea2507fdbe27f27073be559671aa7693c011411d4bd1cd194e8d159133
SSDEEP

24576:dNzDlDQrO9Sq3Tqs0o/GKNzSuBqcdoxq3:XNDQrtq328lNvdb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
056d63c65af6c3b6af1d96d94f142f8c_JaffaCakes118

Files

056d63c65af6c3b6af1d96d94f142f8c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d2b25f7dc81a34b9cb1ad70b187ed129

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

DeletePrinterConnectionW
GetPrintProcessorDirectoryW
GetSpoolFileHandle

user32

DdeReconnect
SystemParametersInfoW
LoadImageW
LoadCursorW
GetLastActivePopup
PtInRect
FrameRect
FillRect
GetDC
TrackPopupMenuEx
RemoveMenu
GetSystemMenu
GetActiveWindow
CharLowerW
GetClipboardViewer
GetClassInfoExW
GetClassInfoW
PeekMessageW

advapi32

RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW

kernel32

GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
SetStdHandle
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
RtlUnwind
LoadLibraryExW
HeapFree
SetFilePointerEx
WriteConsoleW
DecodePointer
VirtualAlloc
GetCurrentProcessId
FreeEnvironmentStringsW
DeleteCriticalSection
SetHandleCount
GetFileType
CloseHandle
GetSystemTimeAsFileTime
SystemTimeToFileTime
FileTimeToLocalFileTime
lstrcmpiW
TlsFree
CreateFileMappingW
GetModuleFileNameW
GetModuleHandleW
OutputDebugStringW
CreateFileW
FindFirstFileW
IsValidCodePage
GetCPInfo
GetUserDefaultLCID
EnumSystemLanguageGroupsW
GetConsoleWindow
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
IsProcessorFeaturePresent
IsDebuggerPresent
GetACP
GetOEMCP
EnterCriticalSection
LeaveCriticalSection

urlmon

CreateURLMoniker

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 642KB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nodhe1
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.3a02ui
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1ut04h
Size: 298KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.e3l44
Size: 369KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2b25f7dc81a34b9cb1ad70b187ed129

Headers

File Characteristics

Imports

winspool.drv

user32

advapi32

kernel32

urlmon

Sections

.text Size: 79KB - Virtual size: 78KB

.data Size: 642KB - Virtual size: 7.6MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.nodhe1 Size: 324KB - Virtual size: 324KB

.3a02ui Size: 88KB - Virtual size: 87KB

.1ut04h Size: 298KB - Virtual size: 297KB

.e3l44 Size: 369KB - Virtual size: 369KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 79KB - Virtual size: 78KB

.data
Size: 642KB - Virtual size: 7.6MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.nodhe1
Size: 324KB - Virtual size: 324KB

.3a02ui
Size: 88KB - Virtual size: 87KB

.1ut04h
Size: 298KB - Virtual size: 297KB

.e3l44
Size: 369KB - Virtual size: 369KB

.rsrc
Size: 362KB - Virtual size: 362KB