9981ea7f17bccb496ab9a67d004740fc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9981ea7f17bccb496ab9a67d004740fc_JaffaCakes118
Size

1.1MB
MD5

9981ea7f17bccb496ab9a67d004740fc
SHA1

a0944791e66c2e69cb88b716648f1f9c18061274
SHA256

548f7d3f2d97c74ef869678531eb6f07d4a817c8277515df780f88440053152d
SHA512

f57bd4362136ce62a8c0fe43d2f007027b350f27b0a86d29247b7c0c31b35256f403bc89f4bdbf915a6d01d94d4ffe6cd1de01631899cef6661114198d953bb1
SSDEEP

24576:LLSP51MPRkVuRftBs/0wGILtrBr7qtTbf+FpFP0pn:LLI3MausB7rBnZFsp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9981ea7f17bccb496ab9a67d004740fc_JaffaCakes118

Files

9981ea7f17bccb496ab9a67d004740fc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

346b36dd39d5b0d5593541499153f47b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
ExitProcess
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentThreadId
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CloseHandle
GetCommProperties
GetCommTimeouts
SystemTimeToFileTime
FileTimeToSystemTime
OpenEventW
GetModuleHandleW
GlobalAddAtomW
DeleteFileW
GetACP
GetStringTypeW
GetConsoleWindow
GlobalUnlock
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
OutputDebugStringW
LoadLibraryExW
GlobalLock
GetProcAddress
RtlUnwind
IsDebuggerPresent
GetCPInfo
GetOEMCP
IsValidCodePage
HeapFree
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
CreateFileW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetStartupInfoW
GetCommandLineW
IsProcessorFeaturePresent
SetLastError
EncodePointer
DecodePointer
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType

oleaut32

SysFreeString
SetErrorInfo
GetErrorInfo
LoadTypeLi
VarNot
VarBoolFromStr
VarBstrFromDate
SysReAllocStringLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayPtrOfIndex
VariantInit
VariantChangeTypeEx
VarI4FromStr
VarDateFromStr
VarCyFromStr
RegisterTypeLi

advapi32

RegOpenKeyExW
RegCloseKey
RegSetValueExW

user32

RegisterWindowMessageW
GetMessageTime
GetClassInfoW
CheckDlgButton
DestroyMenu
TrackPopupMenu
InsertMenuItemW
SetMenuItemInfoW
EndPaint
SetPropW
ScreenToClient
FrameRect
IntersectRect
SetParent
RegisterClassW

winspool.drv

AddPrinterConnectionW

shell32

ShellAboutW
SHFileOperationW
ShellExecuteExW
Shell_NotifyIconW
SHGetSpecialFolderLocation
SHBrowseForFolderW
DragFinish

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 990KB - Virtual size: 7.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

346b36dd39d5b0d5593541499153f47b

Headers

File Characteristics

Imports

kernel32

oleaut32

advapi32

user32

winspool.drv

shell32

Sections

.text Size: 82KB - Virtual size: 82KB

.data Size: 990KB - Virtual size: 7.5MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 8KB - Virtual size: 8KB

.text
Size: 82KB - Virtual size: 82KB

.data
Size: 990KB - Virtual size: 7.5MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 8KB - Virtual size: 8KB