154947fcf17ee0385b2cebf73ffaffba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

154947fcf17ee0385b2cebf73ffaffba_JaffaCakes118
Size

171KB
MD5

154947fcf17ee0385b2cebf73ffaffba
SHA1

7078a552c20c24db3be0f0dd21738f44a4801c28
SHA256

1376726d9fa0b940ad3e494a90a313b4a9eba14458bdf26287ed3c5f50e5ac1f
SHA512

4dfa117fae08ba48da52d2e632f1f92401037ce2bdc03e6c497583b1b72523d79b8b42fcc3e32ac8e8cdc308aa8a55aabae8799b7c58498a3d632ae86c5d7e3c
SSDEEP

3072:+uX7j+V9E0rESR95kf1F2agL9FqfXSV9j7z2KHtxXxPQcyjXxAwSwgpKq:p3US0rESQqLZFqAsrcyjXxXSTpb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
154947fcf17ee0385b2cebf73ffaffba_JaffaCakes118

Files

154947fcf17ee0385b2cebf73ffaffba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97b5ccb77f8cb870c5d20e2593759640

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winspool.drv

DocumentPropertiesW

user32

CreateWindowExW
GetWindowInfo
SetWindowPos
GetWindowRect
DestroyWindow
GetClientRect
EndPaint
SystemParametersInfoW
MapWindowPoints
RegisterClassExW
PeekMessageW
GetDlgItemTextW
SetDlgItemTextW
GetParent
BeginPaint
GetWindowTextLengthW
LoadCursorW
GetClassInfoExW
SetCapture
GetWindow
SetWindowTextW
TranslateMessage
GetAncestor
GetDC
MessageBoxW
DispatchMessageW
EndDialog

kernel32

FlushFileBuffers
lstrcpynW
GetSystemTimeAsFileTime
Sleep
lstrcmpA
GetCurrentProcess
LoadLibraryA
GetOEMCP
VirtualAlloc
GetCurrentThreadId
WriteConsoleA
FlushInstructionCache
SizeofResource
GetDriveTypeW
TlsGetValue
TlsSetValue
LocalAlloc
HeapSize
QueryPerformanceCounter
CreateSemaphoreW
SetFilePointer
CreateFileMappingW
CheckRemoteDebuggerPresent
GetTickCount
GetStringTypeA
LeaveCriticalSection
IsDebuggerPresent
LCMapStringW
TlsAlloc
InterlockedExchange
GetThreadLocale
CopyFileW
SetStdHandle
EnumResourceTypesW
SetLastError
TlsFree
InterlockedCompareExchange
LCMapStringA
CreateFileA
GetCurrentProcessId
WriteConsoleW
InitializeCriticalSection
GetACP
lstrlenA
RaiseException
GetConsoleMode
LoadResource
FindResourceW
LocalFree
LockResource
GetVersion
MulDiv
GetConsoleOutputCP
GetStringTypeW
WritePrivateProfileSectionW
WideCharToMultiByte
GetConsoleCP
WaitForSingleObject
VirtualFree
GetStartupInfoA
GetCPInfo
GetLocaleInfoA
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
HeapDestroy
HeapCreate
GetFileType

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97b5ccb77f8cb870c5d20e2593759640

Headers

File Characteristics

Imports

winspool.drv

user32

kernel32

Sections

.text Size: 117KB - Virtual size: 116KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 49KB - Virtual size: 49KB

.isete Size: 1024B - Virtual size: 372KB

.text
Size: 117KB - Virtual size: 116KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 49KB - Virtual size: 49KB

.isete
Size: 1024B - Virtual size: 372KB