973f1a781f751f39f93df041be4f7502_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

973f1a781f751f39f93df041be4f7502_JaffaCakes118
Size

2.0MB
MD5

973f1a781f751f39f93df041be4f7502
SHA1

c53daa3021186d13dc95d28791b8869e33c8795b
SHA256

476e80ef8f41a14b5ca96132db3a007b1a8bdfb2be1618fd00a0ef8e3a629f9e
SHA512

0741a2f0161ca62e0cb9e9d46793896515d98f6690b4d63e43064096fb6aa54cb5cd85ae8cf0d95d04ecc8e7dfdb71738d1fee2ea8dac52abfb15b8a2f026001
SSDEEP

24576:cZPhMzU2Ryi0Cf5mz26f4qKwMGYaEU2R2:c9LyXU4dGPEP2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
973f1a781f751f39f93df041be4f7502_JaffaCakes118

Files

973f1a781f751f39f93df041be4f7502_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d7e2bf086a446eb5b8bc8954fc8d9390

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
FindFirstFileExW
FindNextFileW
CopyFileExW
SetFileShortNameW
EnumUILanguagesW
CloseHandle
WriteConsoleW
GetFileTime
ExitProcess
VirtualAlloc
GlobalLock
GetACP
RtlUnwind
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
LoadLibraryExW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetOEMCP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
HeapFree
CreateFileW

winspool.drv

EnumFormsW

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
OpenSCManagerW

user32

CloseDesktop
DispatchMessageW
RegisterClassW
IsZoomed
DdeFreeDataHandle
DrawIconEx
OffsetRect
SetPropW
DrawTextW
SetMenuDefaultItem
InsertMenuW
LoadAcceleratorsW
GetKeyboardType

ole32

ReleaseStgMedium
CoGetMalloc

wintrust

CryptCATAdminCalcHashFromFileHandle

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 954KB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t6tiat
Size: 341KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dw12p5
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.794s
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.loeer
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7e2bf086a446eb5b8bc8954fc8d9390

Headers

File Characteristics

Imports

kernel32

winspool.drv

advapi32

user32

ole32

wintrust

Sections

.text Size: 100KB - Virtual size: 99KB

.data Size: 954KB - Virtual size: 7.7MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.t6tiat Size: 341KB - Virtual size: 341KB

.dw12p5 Size: 278KB - Virtual size: 277KB

.794s Size: 117KB - Virtual size: 117KB

.loeer Size: 115KB - Virtual size: 114KB

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: 100KB - Virtual size: 99KB

.data
Size: 954KB - Virtual size: 7.7MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.t6tiat
Size: 341KB - Virtual size: 341KB

.dw12p5
Size: 278KB - Virtual size: 277KB

.794s
Size: 117KB - Virtual size: 117KB

.loeer
Size: 115KB - Virtual size: 114KB

.rsrc
Size: 100KB - Virtual size: 100KB