3099b332c27333e532c9b089bd83f533_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3099b332c27333e532c9b089bd83f533_JaffaCakes118
Size

3.0MB
MD5

3099b332c27333e532c9b089bd83f533
SHA1

7eff2a747a328309105e54cb928248e1db748151
SHA256

8d0ff7cce638d72aa62dd8c568716eadc9175b2c60353c4fd0257a6fa7912106
SHA512

fe5b5f6fb13340d0d66646aaa08377b1f2a9c28253d7e12c6b15280284404e6920f6eb5d00a1d2ff73b60a95fecd92a576bbf74a309ca88c9b9bca95898f312d
SSDEEP

49152:YONpSbILyF1RbMl/0t8cj3iXiFMLVAHYkuTgtlddxdhc5Z15QhHR99I+/Z9YrfXy:YeiFMLGRhc5Z1WhHC6Z9W2xb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3099b332c27333e532c9b089bd83f533_JaffaCakes118

Files

3099b332c27333e532c9b089bd83f533_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dee6e4149e986014e434a5c2da99f1e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey

kernel32

DeleteFileA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

mpr

WNetGetUniversalNameW

version

VerQueryValueW

winspool.drv

OpenPrinterW

comctl32

ImageList_ReplaceIcon

gdi32

GetTextMetricsW

msimg32

AlphaBlend

shell32

ShellExecuteW

user32

EnableWindow

winmm

timeGetTime

ole32

CoInitialize

oleaut32

VariantChangeType

wininet

InternetSetOptionW

Exports

Exports

@@Mainform@Finalize
@@Mainform@Initialize
@@Rform@Finalize
@@Rform@Initialize
_Form2
__GetExceptDLLinfo
___CPPdebugHook
_pForm

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 375KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 117KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 687KB - Virtual size: 687KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp2
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dee6e4149e986014e434a5c2da99f1e7

Headers

File Characteristics

Imports

advapi32

kernel32

mpr

version

winspool.drv

comctl32

gdi32

msimg32

shell32

user32

winmm

ole32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.data Size: 81KB - Virtual size: 640KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 14KB - Virtual size: 16KB

.didata Size: 1024B - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 375KB - Virtual size: 376KB

.vmp0 Size: 117KB - Virtual size: 120KB

.vmp1 Size: 687KB - Virtual size: 687KB

.vmp2 Size: 109KB - Virtual size: 109KB

.reloc Size: 118KB - Virtual size: 117KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.data
Size: 81KB - Virtual size: 640KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 14KB - Virtual size: 16KB

.didata
Size: 1024B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 375KB - Virtual size: 376KB

.vmp0
Size: 117KB - Virtual size: 120KB

.vmp1
Size: 687KB - Virtual size: 687KB

.vmp2
Size: 109KB - Virtual size: 109KB

.reloc
Size: 118KB - Virtual size: 117KB