1813ac0ad1719104cf6652d92adbfaf2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1813ac0ad1719104cf6652d92adbfaf2_JaffaCakes118
Size

182KB
MD5

1813ac0ad1719104cf6652d92adbfaf2
SHA1

2f3f238c28462202246cac429dac31c8b31dc11e
SHA256

ea89931ebcb405c6f2a652b1039f251c6f0cfa7431a12032182667e78bd8f90e
SHA512

c6a469cc1f7102c2b5ff0bc0a3d5d43f665a9195e1ca5d2b00dc13bf847531e6c4d999fd53455e0123a67f7587bd442a11fca6b63e5c484871e42374e2a6f307
SSDEEP

3072:xmQZX6wCOgHzi7SZTLfTqdLqYSyOs4W73d1ZuCRGVGAgwymMyaMuI2VGT3tFBm:x/ZX6GgHzqTqYSZI31RGim1zbT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1813ac0ad1719104cf6652d92adbfaf2_JaffaCakes118

Files

1813ac0ad1719104cf6652d92adbfaf2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7d74627095ff96e90f3b7c1c320b9cb7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetSpecialFolderPathW

gdi32

Escape
SelectObject
GetClipBox
DeleteDC
GetDeviceCaps
DeleteObject
SetMapMode
RectVisible
SaveDC
SetTextColor
CreateBitmap
RestoreDC
SetWindowExtEx
ExtTextOutW
PtVisible
SetViewportOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
TextOutW
SetViewportExtEx
SetBkColor
ScaleWindowExtEx
GetStockObject

kernel32

RtlUnwind
FlushFileBuffers
TerminateProcess
LCMapStringW
HeapCreate
UnhandledExceptionFilter
GetShortPathNameW
VirtualFree
SetStdHandle
GetProcessAffinityMask
GetTickCount
GetCurrentProcess
HeapSize
SetUnhandledExceptionFilter
GetCurrentProcessId
FreeEnvironmentStringsW
VirtualQuery
GetCPInfo
GetSystemTimeAsFileTime
IsBadWritePtr
EnumResourceTypesW
GetFileType
IsBadReadPtr
IsBadCodePtr
HeapDestroy
LCMapStringA
GetEnvironmentStringsW
GetCommandLineA
HeapReAlloc
HeapFree
WriteFile
VirtualProtect
HeapAlloc
GetStringTypeA
GetFileAttributesA
GetStdHandle
GetStringTypeW
GetSystemInfo
GetOEMCP
VirtualAlloc
GetStartupInfoA
GetModuleFileNameA
SetHandleCount
GetEnvironmentStrings
SetFilePointer
QueryPerformanceCounter
ExitProcess

user32

GetMenuCheckMarkDimensions
EnableMenuItem
GetLastActivePopup
EnableWindow
GetWindowLongW
GetDC
GetSystemMetrics
ReleaseDC
GetParent
LoadCursorW
ModifyMenuW
LoadBitmapW
IsWindowEnabled
MessageBoxW
GetSysColor
CheckMenuItem
GetWindowTextW
GetSysColorBrush

shlwapi

PathAppendW
PathFindFileNameW
PathFileExistsW
PathFindExtensionW

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d74627095ff96e90f3b7c1c320b9cb7

Headers

File Characteristics

Imports

winspool.drv

ole32

advapi32

shell32

gdi32

kernel32

user32

shlwapi

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 70KB - Virtual size: 70KB

.tls Size: 1024B - Virtual size: 124KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 70KB - Virtual size: 70KB

.tls
Size: 1024B - Virtual size: 124KB