24abc2f83115b552a02c3b72970a76a4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24abc2f83115b552a02c3b72970a76a4_JaffaCakes118
Size

124KB
MD5

24abc2f83115b552a02c3b72970a76a4
SHA1

f1e51b3bb796ad6fde3f666657ef494e04c47224
SHA256

286a0434691ca43447aa2cc93b4d922361f90c933737033c41edb5fee6f483ea
SHA512

1c36fe2a42437281aafc538fc3540d628b72958dfe5552f5405e6b46909616c50be40e533d4711fb2c365b17b03d45061ebb607b381d35887c5064709de4b9f2
SSDEEP

1536:mrl1Ca477EKQ5vBWzhOJyN57SVg+aVH8d4POdyElSlmHuinG7LXEVn70SEV3q3my:m/CffEH5JMeVgkSBfXg0SExVoJE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24abc2f83115b552a02c3b72970a76a4_JaffaCakes118

Files

24abc2f83115b552a02c3b72970a76a4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0ca6ecf023aa70c53538a7f3e97e272f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

RpcMgmtInqServerPrincNameW
RpcStringBindingParseA

user32

GetCursorPos
SetTimer
EmptyClipboard
EnumThreadWindows
GetCursor
FindWindowA
GetPriorityClipboardFormat
GetWindowLongA
GetDesktopWindow
IsClipboardFormatAvailable
GetWindowTextA

winspool.drv

DeletePrinterDriverW

kernel32

Sleep
GetVersionExA
lstrcmpA
SetCommConfig
SearchPathA
LocalFree
SetLastError
LocalFlags
SetThreadPriority
GetCurrentThread
LocalAlloc
ReadFile
GetCurrentThreadId
GetUserDefaultLangID
GetStringTypeExW
GetThreadLocale
GetPrivateProfileStringA

oleaut32

VarDecFromStr

wintrust

CryptCATAdminEnumCatalogFromHash

shlwapi

PathMatchSpecW

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

P
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ca6ecf023aa70c53538a7f3e97e272f

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

user32

winspool.drv

kernel32

oleaut32

wintrust

shlwapi

Sections

.text Size: 12KB - Virtual size: 11KB

P Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 11KB

DATA Size: 8KB - Virtual size: 4KB

CODE Size: 16KB - Virtual size: 14KB

.crt Size: 48KB - Virtual size: 47KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 4KB - Virtual size: 372B

.text
Size: 12KB - Virtual size: 11KB

P
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 11KB

DATA
Size: 8KB - Virtual size: 4KB

CODE
Size: 16KB - Virtual size: 14KB

.crt
Size: 48KB - Virtual size: 47KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 4KB - Virtual size: 372B