2c80e3532ef66b27dde987511f5dfa9e_JaffaCakes118

General

Target

2c80e3532ef66b27dde987511f5dfa9e_JaffaCakes118
Size

334KB
MD5

2c80e3532ef66b27dde987511f5dfa9e
SHA1

c4a3ca18a9b65d37b920af8b002f51e480e4091b
SHA256

3234e825e7ee8be23803307d0333b60f89ffd821005ff8fa56b6df32dca5a398
SHA512

2b8f37bda8c7bc9cb4e10a1f904d6980128536139eed7ceeeb4572cbc8724eec0fceb688d5c37cfe6c11cb9a093b7c77f03b4b5e901c5006381043bbee584b30
SSDEEP

6144:/MZnW1YnbIZNWVxiMyoA2y7NQj55tZ9H3y1NCZx/tyADGVnyVb0a8m:lYbQuxiMnyZcHHRL/nDAny9Ym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c80e3532ef66b27dde987511f5dfa9e_JaffaCakes118

Files

2c80e3532ef66b27dde987511f5dfa9e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

140d1cfdd7d997770f277d569e8adf0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoRegisterSurrogate
StgOpenPropStg

advapi32

RegSaveKeyA
RegQueryMultipleValuesA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegOpenKeyA
RegOverridePredefKey

kernel32

GetModuleHandleA
GetProcessHeap
GetProfileIntA
GetPrivateProfileSectionA
GetPrivateProfileStructA
GetProcAddress
OpenSemaphoreA
GetLastError
VirtualAlloc
ReleaseMutex
ReleaseSemaphore
LocalLock
GetACP
SetEvent
ResetEvent
FreeEnvironmentStringsA
GetCommandLineA
PulseEvent
LCMapStringA
SuspendThread
TlsGetValue
LocalHandle
GetStdHandle
GetStartupInfoA
CloseHandle

winspool.drv

ConfigurePortA
DeletePrinterConnectionA
AbortPrinter
DeletePrinterDataA
DeletePrinter
AdvancedDocumentPropertiesA
ConnectToPrinterDlg
DeleteFormA
AddPrinterConnectionA
DeletePrinterKeyA
AddJobA

msvcrt

exit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_exit
_XcptFilter

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

140d1cfdd7d997770f277d569e8adf0f

Headers

File Characteristics

Imports

ole32

advapi32

kernel32

winspool.drv

msvcrt

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 314KB - Virtual size: 314KB

.data Size: 512B - Virtual size: 92KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 314KB - Virtual size: 314KB

.data
Size: 512B - Virtual size: 92KB

.rsrc
Size: 5KB - Virtual size: 5KB