8a56ab1b917eab647cf8d76ee32faeb4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8a56ab1b917eab647cf8d76ee32faeb4_JaffaCakes118
Size

2.5MB
MD5

8a56ab1b917eab647cf8d76ee32faeb4
SHA1

558601dcd2e206af78816ecef9a9f25dd3a0047f
SHA256

b1f5f6b9c70375f176f0d2284160d6d362701c583e89667259d537b3a04ec261
SHA512

e2422783d1e988e7a54e5cdc37b453aa8ae1c55938bcfbe6327ad669bf391b0c8dc4919494a6bed6a7990fc5f7d6a1b81fc23ed8c83a7f35ac1a355e0197a1c4
SSDEEP

24576:mjaA4cO6YArkVamqQlPRtN6Xkp43jv1L+VRs:mjpONHlPvNuk2jv1h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a56ab1b917eab647cf8d76ee32faeb4_JaffaCakes118

Files

8a56ab1b917eab647cf8d76ee32faeb4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

948670a7ac1f4a612535c1a0062606bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

DeleteMonitorW
AddFormW

kernel32

GetVersion
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
VirtualAlloc
GetCurrentProcessId
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetLocalTime
FileTimeToLocalFileTime
DosDateTimeToFileTime
lstrcmpW
WriteConsoleW
LoadLibraryW
GetModuleFileNameW
GetProfileIntW
GetSystemDirectoryW
CreateDirectoryW
QueryPerformanceFrequency
GetACP
GetOEMCP
WideCharToMultiByte
LCMapStringW
GetUserDefaultLangID
EnumUILanguagesW
GetConsoleWindow
CloseHandle
lstrcmpiW
SetLastError
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
CreateFileW
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsDebuggerPresent
IsValidCodePage
GetCPInfo
EnterCriticalSection
LeaveCriticalSection

advapi32

RegCloseKey
RegDeleteValueW

rasapi32

RasGetEntryPropertiesW

psapi

GetProcessImageFileNameW

user32

GetIconInfo
LoadIconW
SetWindowsHookExW
DrawFocusRect
MessageBeep
SetScrollPos
GetComboBoxInfo
DrawTextW
DrawMenuBar
GetSystemMetrics
IsDlgButtonChecked
GetDlgItemInt
GetDlgItem
CreateDialogParamW
DdeConnect
DdeImpersonateClient
BeginPaint

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 814KB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.y8ta
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.404sr
Size: 666KB - Virtual size: 666KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5hesg
Size: 466KB - Virtual size: 466KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

948670a7ac1f4a612535c1a0062606bb

Headers

File Characteristics

Imports

winspool.drv

kernel32

advapi32

rasapi32

psapi

user32

Sections

.text Size: 82KB - Virtual size: 81KB

.data Size: 814KB - Virtual size: 7.7MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.y8ta Size: 195KB - Virtual size: 195KB

.404sr Size: 666KB - Virtual size: 666KB

.5hesg Size: 466KB - Virtual size: 466KB

.rsrc Size: 363KB - Virtual size: 362KB

.text
Size: 82KB - Virtual size: 81KB

.data
Size: 814KB - Virtual size: 7.7MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.y8ta
Size: 195KB - Virtual size: 195KB

.404sr
Size: 666KB - Virtual size: 666KB

.5hesg
Size: 466KB - Virtual size: 466KB

.rsrc
Size: 363KB - Virtual size: 362KB