1048a8f995ecb8196730378e6ac5043e_JaffaCakes118

General

Target

1048a8f995ecb8196730378e6ac5043e_JaffaCakes118
Size

335KB
MD5

1048a8f995ecb8196730378e6ac5043e
SHA1

870201e3443df64262bf5c49fd6052e325209709
SHA256

62ae5a7cdf41df7a4fc9f16ccb13998cffbfaecf2b5553ccfbfca0fef96cb9a9
SHA512

c6107896404a503b5684ff69ebf9954d8fab8c0d23d1d2b8d6e4ccc9ab8a22f6e2e5da8a523138b0e11632310623a77b874f10c1cc0302622a3a6bd2af4f3577
SSDEEP

6144:i8irRAk0phE+qa0E5uvb2Ig9OgYdtcDXiv4j2OR6EUfK/VoJ6dYnVk:inAk0c+qa0E5cpgXnDXivw2Og5fUo8in

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1048a8f995ecb8196730378e6ac5043e_JaffaCakes118

Files

1048a8f995ecb8196730378e6ac5043e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

61c380c9559ed879d7f82c2962f4f318

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EndPage
DescribePixelFormat
EnumObjects
GetBkColor
CreateFontA
CopyEnhMetaFileA
FrameRgn
GdiFlush

kernel32

GetProcAddress
TlsSetValue
GetACP
LCMapStringA
LocalLock
OpenEventA
GetEnvironmentVariableA
OpenSemaphoreA
TlsGetValue
GetLastError
GetProcessHeap
ResumeThread
CreateSemaphoreA
QueryPerformanceCounter
CloseHandle
PulseEvent
VirtualAlloc
SuspendThread
GetTickCount
GetStartupInfoA
LocalReAlloc
GetModuleHandleA

winspool.drv

DeletePrinterDataExA
ConfigurePortA
DeletePrinterConnectionA
DeletePrinterKeyA
AddFormA
AddPrinterA
DeletePrinterDataA
DeletePrinter
AbortPrinter
ClosePrinter

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xzzpx
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61c380c9559ed879d7f82c2962f4f318

Headers

File Characteristics

Imports

gdi32

kernel32

winspool.drv

msvcrt

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 312KB - Virtual size: 311KB

.data Size: 512B - Virtual size: 97KB

.xzzpx Size: 2KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 312KB - Virtual size: 311KB

.data
Size: 512B - Virtual size: 97KB

.xzzpx
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 5KB