8684f03c9b3b62da25b543019a1c72c0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8684f03c9b3b62da25b543019a1c72c0_JaffaCakes118
Size

2.1MB
MD5

8684f03c9b3b62da25b543019a1c72c0
SHA1

edc94fefab21d38a0b412632fb1cfa6b5d0798d0
SHA256

675084097bfdadf3b1041c8dce623a57b39dada14e918f0cd278eb304379b255
SHA512

fbcfe7cb3af6b9acdb808b076c0bf2b4978f4c2a8fa6b473d005b7906405f792c48fb2e17347afa04a3c55dd8792372e4ea30b2445c2e3d3fe6512b44e6a6044
SSDEEP

24576:lN42hjTxgBvdhUtjkAK8gxn/RiuO0ZaAZ4E:lTjVgBvvUNjUx5E1jE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8684f03c9b3b62da25b543019a1c72c0_JaffaCakes118

Files

8684f03c9b3b62da25b543019a1c72c0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e8f4f8611aff49a638c70f9bc641b926

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AppendMenuW
DestroyWindow
DdeEnableCallback
GetTopWindow
EqualRect
GetCursorPos
GetClientRect
GetWindowTextW
SetScrollRange
GetUpdateRect
GetWindowDC
GetDC
WindowFromDC
AllowSetForegroundWindow
TrackPopupMenu
ExitWindowsEx
CheckMenuItem
DrawMenuBar
MsgWaitForMultipleObjectsEx
GetFocus
RegisterClipboardFormatW
GetDlgItemInt
SetDlgItemInt
EndDialog
IsZoomed
BringWindowToTop
IsIconic
SetWindowPlacement
ShowWindow

kernel32

WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
CloseHandle
LeaveCriticalSection
EnterCriticalSection
GetOEMCP
GetACP
IsValidCodePage
VirtualAlloc
ExitProcess
GetSystemInfo
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
ReadFileScatter
GetStartupInfoW
FindResourceW
GetCPInfo
CompareStringW
GetLocaleInfoW
GetConsoleWindow
IsDebuggerPresent
HeapFree
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
GetModuleHandleExW
GetProcAddress
CreateFileW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW

winspool.drv

AddJobW

advapi32

RegQueryValueExW

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 927KB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.4ld9
Size: 287KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.2nsi
Size: 436KB - Virtual size: 436KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.a6do8
Size: 302KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8f4f8611aff49a638c70f9bc641b926

Headers

File Characteristics

Imports

user32

kernel32

winspool.drv

advapi32

Sections

.text Size: 125KB - Virtual size: 125KB

.data Size: 927KB - Virtual size: 7.6MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.4ld9 Size: 287KB - Virtual size: 286KB

.2nsi Size: 436KB - Virtual size: 436KB

.a6do8 Size: 302KB - Virtual size: 302KB

.rsrc Size: 104KB - Virtual size: 103KB

.text
Size: 125KB - Virtual size: 125KB

.data
Size: 927KB - Virtual size: 7.6MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.4ld9
Size: 287KB - Virtual size: 286KB

.2nsi
Size: 436KB - Virtual size: 436KB

.a6do8
Size: 302KB - Virtual size: 302KB

.rsrc
Size: 104KB - Virtual size: 103KB