1500e6f858290f16acbe4ea7e138b4c5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1500e6f858290f16acbe4ea7e138b4c5_JaffaCakes118
Size

176KB
MD5

1500e6f858290f16acbe4ea7e138b4c5
SHA1

ab399dad4cc2cee555c3f40d7d14d11a294dcd54
SHA256

2408b78e69937741295facb18cc3112c35297d5429487f60d4090a9139d3e480
SHA512

0c496e88f056038ef3e57c798dc58de6dbc3cb52c8632aea5032b818ad7090d24d372d989e78ec176e50e3c1e10d1be3b77a173c626ad8f2625322e3a7bd2032
SSDEEP

3072:JHkuLVWdZKvKHFMoPeCAsBv2vGXPiI/4z4GdDvM04q1FyQA9Z/W0G65P87Vw/8yi:RkuLVSKCHFMoPeCIvEqw4zZdbc79dlXe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1500e6f858290f16acbe4ea7e138b4c5_JaffaCakes118

Files

1500e6f858290f16acbe4ea7e138b4c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

73e388fe522bc15f4cdeac9ccd26a21b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
IsBadCodePtr
GetStdHandle
GetFileType
HeapReAlloc
GetEnvironmentStringsW
LCMapStringA
GetShortPathNameW
HeapAlloc
GetStringTypeA
IsBadReadPtr
WriteFile
RtlUnwind
GetProcessAffinityMask
SetFilePointer
SetStdHandle
HeapSize
GetSystemInfo
VirtualQuery
GetStringTypeW
EnumResourceTypesW
GetOEMCP
FlushFileBuffers
SetHandleCount
GetTickCount
GetEnvironmentStrings
UnhandledExceptionFilter
IsBadWritePtr
GetModuleFileNameA
SetUnhandledExceptionFilter
HeapDestroy
GetCommandLineA
VirtualFree
GetCurrentProcessId
GetStartupInfoA
GetSystemTimeAsFileTime
GetFileAttributesA
VirtualAlloc
FreeEnvironmentStringsW
GetCurrentProcess
GetCPInfo
HeapFree
QueryPerformanceCounter
LCMapStringW
HeapCreate
TerminateProcess
ExitProcess

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

ole32

CoUninitialize
CoCreateInstance
CoInitialize

gdi32

PtVisible
SetWindowExtEx
RectVisible
SelectObject
OffsetViewportOrgEx
SetViewportOrgEx
DeleteDC
DeleteObject
SetMapMode
GetClipBox
Escape
TextOutW
RestoreDC
ScaleWindowExtEx
SetViewportExtEx
ExtTextOutW
GetDeviceCaps
SaveDC
SetBkColor
CreateBitmap
SetTextColor
ScaleViewportExtEx
GetStockObject

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

user32

EnableWindow
GetSysColor
LoadBitmapW
IsWindowEnabled
ModifyMenuW
GetWindowTextW
GetMenuCheckMarkDimensions
CheckMenuItem
GetWindowLongW
GetParent
GetDC
LoadCursorW
EnableMenuItem
GetSystemMetrics
GetLastActivePopup
ReleaseDC
MessageBoxW
GetSysColorBrush

shlwapi

PathFileExistsW
PathAppendW
PathFindFileNameW
PathFindExtensionW

shell32

SHGetSpecialFolderPathW

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73e388fe522bc15f4cdeac9ccd26a21b

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

gdi32

winspool.drv

user32

shlwapi

shell32

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 69KB - Virtual size: 68KB

.tls Size: 1024B - Virtual size: 248KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 69KB - Virtual size: 68KB

.tls
Size: 1024B - Virtual size: 248KB