aea8cc9ea2da64828259ddad36685f8e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aea8cc9ea2da64828259ddad36685f8e_JaffaCakes118
Size

536KB
MD5

aea8cc9ea2da64828259ddad36685f8e
SHA1

ca319183736d722a4c5157930e8eba7fb24f3846
SHA256

fc762d1673347c40c10454641b6892dc07fea2e0a3564f5cdabcc8764335c5b5
SHA512

875254bf1a8265acab4ba84c6973a664130c990b2871d21245fc9113061b74933b251eca46b87678af70324f19514ebe3a2166a03d1eefeb0dcedd596a7f109b
SSDEEP

6144:DH/93YEXcP89331OH0j7Ie0+CCiJrOPHbzkXfYTmGaH5KQu2894mST2GG9:b6nE93wU5hCCiAzkXgTsvhq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aea8cc9ea2da64828259ddad36685f8e_JaffaCakes118

Files

aea8cc9ea2da64828259ddad36685f8e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

64fca862d2fcfbe66afe220fcd8b775b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDCPenColor
GetTextCharsetInfo

kernel32

SetFileBandwidthReservation
GetLogicalProcessorInformation
PostQueuedCompletionStatus
SetUserGeoID
FindFirstChangeNotificationA
FlsGetValue
GetModuleHandleA

mprapi

MprConfigInterfaceTransportRemove

winscard

g_rgSCardT1Pci

wininet

InternetSetOptionW
InternetGetCookieW

msvcrt

vfprintf
fgets
isprint

ntdsapi

DsReplicaGetInfo2W

user32

UnionRect

wintrust

CryptCATAdminAcquireContext

shlwapi

ChrCmpIA

netapi32

NetGroupDel

winspool.drv

AddFormW
StartDocPrinterW
OpenPrinterW

urlmon

CreateAsyncBindCtxEx

rpcrt4

RpcServerUseProtseqExW
RpcServerUseProtseqW

advapi32

ObjectPrivilegeAuditAlarmA
QueryUsersOnEncryptedFile
SetServiceBits

shell32

SHAppBarMessage

Sections

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 284KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64fca862d2fcfbe66afe220fcd8b775b

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

mprapi

winscard

wininet

msvcrt

ntdsapi

user32

wintrust

shlwapi

netapi32

winspool.drv

urlmon

rpcrt4

advapi32

shell32

Sections

.text Size: 164KB - Virtual size: 160KB

.data Size: 284KB - Virtual size: 288KB

.code Size: 60KB - Virtual size: 56KB

.reloc Size: 24KB - Virtual size: 21KB

.text
Size: 164KB - Virtual size: 160KB

.data
Size: 284KB - Virtual size: 288KB

.code
Size: 60KB - Virtual size: 56KB

.reloc
Size: 24KB - Virtual size: 21KB