2c31651fc796af72a1c5f12776f97637_JaffaCakes118

General

Target

2c31651fc796af72a1c5f12776f97637_JaffaCakes118
Size

333KB
MD5

2c31651fc796af72a1c5f12776f97637
SHA1

17f496bc24b3cf70ab0acff078b1301c0741fa31
SHA256

fd96b5996322bbd2800e4a929183866b7afea7bc15bfa3498013ad1430efba31
SHA512

1410cb77ed6cf654a6815f5413a56eb47ec0b465d1fb498ea1f5c3e4170cac8e504baf33708ac42638031e8dfcd0c9468bf1ac771a20c96f6ee1888318672cf8
SSDEEP

6144:RaY8qZMZHtOYkel7W2YpMSSQsLC8SijUt0ySYrAGNt3F2pgG:RaYj2ZAYkelK2eMS1sW85mDrAERG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c31651fc796af72a1c5f12776f97637_JaffaCakes118

Files

2c31651fc796af72a1c5f12776f97637_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97e461addee3e6169fa02d483f285b3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoRevokeClassObject
StgOpenStorage

advapi32

RegSetValueExA
RegFlushKey
RegQueryValueA
RegDeleteKeyA
RegQueryMultipleValuesA
RegLoadKeyA
RegEnumKeyExA

kernel32

GetModuleHandleA
GetStartupInfoA
GetProfileIntA
GetProfileSectionA
GetPrivateProfileSectionA
GetProcAddress
FreeEnvironmentStringsA
GetEnvironmentVariableA
TlsSetValue
SuspendThread
QueryPerformanceCounter
TlsGetValue
GetModuleFileNameA
PulseEvent
GetEnvironmentStrings
ReleaseMutex
ReleaseSemaphore
LocalReAlloc
SetEvent
GetLastError
VirtualAlloc
ResetEvent
LCMapStringA

winspool.drv

ClosePrinter
AddFormA
AddPrinterConnectionA
AddJobA
DeletePrinterConnectionA
DeletePrinterDataA
ConfigurePortA
ConnectToPrinterDlg
AbortPrinter
DeleteFormA
AddPrinterA
DeletePrinter
AdvancedDocumentPropertiesA

msvcrt

_XcptFilter
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_exit

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97e461addee3e6169fa02d483f285b3d

Headers

File Characteristics

Imports

ole32

advapi32

kernel32

winspool.drv

msvcrt

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 314KB - Virtual size: 313KB

.data Size: 512B - Virtual size: 96KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 314KB - Virtual size: 313KB

.data
Size: 512B - Virtual size: 96KB

.rsrc
Size: 5KB - Virtual size: 5KB