1675cea69186c152852118f47f915a35_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1675cea69186c152852118f47f915a35_JaffaCakes118
Size

420KB
MD5

1675cea69186c152852118f47f915a35
SHA1

84c4a69d7f030736a97bcc0b29a1011e163c22a2
SHA256

2e2ef87d676c085e9c3e7f678112e9d1b90e19b69e533ea06c73803234031f04
SHA512

442774d5a56202212d32c8aa6dde1036c1d1c413a2b1ea6c1c00cc02ef649ec84b72383ec52dfb2704e13b9441da1d447b0fcf3e7d026bfd472748d1ff84ad3d
SSDEEP

6144:ZyXDrnPSUH9O923L+uf+amannB4sA4Z2DEVpITq4JE:ZyXDrnP1H9O9236uf7mknirDw4JE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1675cea69186c152852118f47f915a35_JaffaCakes118

Files

1675cea69186c152852118f47f915a35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d739b3d642c1ef366dbeb3273419527

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetFullPathNameA
SetEvent
CreateEventA
Sleep
WritePrivateProfileStringA
SetFileAttributesA
DeleteFileA
GetTickCount
MoveFileExA
TerminateProcess
GetModuleHandleA
LoadLibraryA
CreateProcessA
WaitForSingleObject
CopyFileA
GetProcAddress
FreeLibrary
GetSystemDefaultLangID
GetLastError
FindNextFileA
CreateFileA
FindFirstFileA
FindClose
CompareFileTime
GetFileTime
CloseHandle
GetSystemDirectoryA
GetVersionExA
CreateDirectoryA
LCMapStringW
SetEnvironmentVariableA
GetWindowsDirectoryA
SetFilePointer
SetHandleCount
GetStringTypeA
GetOEMCP
GetStringTypeW
CompareStringW
CompareStringA
SetEndOfFile
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetVersion
RaiseException
HeapFree
FlushFileBuffers
WriteFile
HeapAlloc
HeapReAlloc
HeapSize
MultiByteToWideChar
LCMapStringA
GetEnvironmentStringsW
GetACP
HeapDestroy
GetStdHandle
GetFileType
ReadFile
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
VirtualAlloc
IsBadWritePtr
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
SetStdHandle
IsBadReadPtr
IsBadCodePtr
GetCPInfo

winspool.drv

DeletePrinter
DeletePrinterDriverA
ClosePrinter
EnumPrintersA
EnumPrinterDriversA
OpenPrinterA
GetPrinterDriverA

advapi32

CloseServiceHandle
CreateServiceA
RegisterEventSourceA
ReportEventA
SetServiceStatus
RegQueryInfoKeyA
RegEnumKeyA
DeregisterEventSource
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegFlushKey
RegOpenKeyExA
RegSetValueExA
RegCloseKey
StartServiceCtrlDispatcherA
RegQueryValueExA
OpenSCManagerA
QueryServiceStatus
RegisterServiceCtrlHandlerA
OpenServiceA
DeleteService
ControlService
IsTextUnicode

Sections

.text
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d739b3d642c1ef366dbeb3273419527

Headers

File Characteristics

Imports

kernel32

winspool.drv

advapi32

Sections

.text Size: 224KB - Virtual size: 222KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 24KB - Virtual size: 34KB

.rsrc Size: 4KB - Virtual size: 912B

.text
Size: 224KB - Virtual size: 222KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 24KB - Virtual size: 34KB

.rsrc
Size: 4KB - Virtual size: 912B