3681e1fb79de1a56a564f2a9bdb0beea_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3681e1fb79de1a56a564f2a9bdb0beea_JaffaCakes118
Size

278KB
MD5

3681e1fb79de1a56a564f2a9bdb0beea
SHA1

3ab3c6263d9220a07d448351156d367328ba15ab
SHA256

f8c78191fc30257c2236bfb51c49d2538f57a56dc6dc6c4baa479e350071049f
SHA512

d44110f8d37d86d7ac423237f3255166697f2c915b2ee68bddc343ef39758e499f47073b0d957817be20f23b1dedf24691274b29a690cff66482f05c99f6e2c6
SSDEEP

6144:psNh3FiYgojSy1y454e4590y+GfqkP+dEkFj:psNhViYgXP45Q59UVF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3681e1fb79de1a56a564f2a9bdb0beea_JaffaCakes118

Files

3681e1fb79de1a56a564f2a9bdb0beea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9588eb7ea8b355acd9d2c33ad5df71ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
PropVariantClear
CoTaskMemFree
CoTaskMemRealloc
StringFromGUID2
CoTaskMemAlloc
CoCreateGuid

oleaut32

SysFreeString
VarUI4FromStr
SysAllocString
VariantCopy
VariantClear

kernel32

HeapFree
LocalAlloc
HeapSize
lstrcmpiW
VirtualAlloc
GetTempFileNameW
CreateFileW
LoadLibraryExW
GlobalFree
HeapAlloc
MoveFileExW
LeaveCriticalSection
GetSystemInfo
FindClose
WaitForMultipleObjects
SetFileTime
SetFileAttributesW
CreateSemaphoreW
OutputDebugStringW
ReleaseSemaphore
SetUnhandledExceptionFilter
VirtualFree
UnhandledExceptionFilter
DeleteFileW
GetTempPathW
FindResourceExW
FindNextFileW
GetLocalTime
FreeLibrary
CreateEventW
LocalFree
DeleteCriticalSection
CopyFileW
WideCharToMultiByte
GetProcessHeap
FindResourceW
FindFirstFileW
RaiseException
HeapDestroy
IsDebuggerPresent
LockResource
SetLastError
GetSystemTimeAsFileTime
GetCurrentThreadId
ReadFile
ResetEvent
RemoveDirectoryW
SizeofResource
lstrlenW
EnterCriticalSection
WriteFile
CloseHandle
GetFileSize
WaitForSingleObject
GetModuleHandleW
HeapReAlloc
GetSystemDefaultLangID
LoadResource
GetFullPathNameA
VirtualAllocEx
GetModuleHandleA

user32

CharLowerW
CharUpperW
CharNextW

winspool.drv

DocumentEvent
StartDocDlgW
SetJobW
ConfigurePortA
AdvancedSetupDialog
EnumJobsW
GetPrinterDriverDirectoryA
CommitSpoolData
EnumPrintersA
EnumPrinterDriversW
GetPrinterA
ResetPrinterW

mciavi32

DriverProc

Sections

.CwSjd
Size: 1024B - Virtual size: 36KB

IMAGE_SCN_MEM_READ

.JdUCfU
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ

.QDfjfAN
Size: 2KB - Virtual size: 17KB

IMAGE_SCN_MEM_READ

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.FFHzlH
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CuZXCWO
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pDkS
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tmINPvj
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Nmsj
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ibfAw
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sZUUHLj
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KENF
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9588eb7ea8b355acd9d2c33ad5df71ba

Headers

DLL Characteristics

File Characteristics

Imports

ole32

oleaut32

kernel32

user32

winspool.drv

mciavi32

Sections

.CwSjd Size: 1024B - Virtual size: 36KB

.JdUCfU Size: 2KB - Virtual size: 20KB

.QDfjfAN Size: 2KB - Virtual size: 17KB

.text Size: 19KB - Virtual size: 18KB

.FFHzlH Size: 2KB - Virtual size: 1KB

.CuZXCWO Size: 3KB - Virtual size: 2KB

.pDkS Size: 2KB - Virtual size: 2KB

.data Size: 9KB - Virtual size: 13KB

.tmINPvj Size: 2KB - Virtual size: 1KB

.rdata Size: 208KB - Virtual size: 207KB

.Nmsj Size: 1KB - Virtual size: 1KB

.ibfAw Size: 3KB - Virtual size: 2KB

.rsrc Size: 17KB - Virtual size: 17KB

.sZUUHLj Size: 2KB - Virtual size: 2KB

.KENF Size: 2KB - Virtual size: 1KB

.CwSjd
Size: 1024B - Virtual size: 36KB

.JdUCfU
Size: 2KB - Virtual size: 20KB

.QDfjfAN
Size: 2KB - Virtual size: 17KB

.text
Size: 19KB - Virtual size: 18KB

.FFHzlH
Size: 2KB - Virtual size: 1KB

.CuZXCWO
Size: 3KB - Virtual size: 2KB

.pDkS
Size: 2KB - Virtual size: 2KB

.data
Size: 9KB - Virtual size: 13KB

.tmINPvj
Size: 2KB - Virtual size: 1KB

.rdata
Size: 208KB - Virtual size: 207KB

.Nmsj
Size: 1KB - Virtual size: 1KB

.ibfAw
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 17KB - Virtual size: 17KB

.sZUUHLj
Size: 2KB - Virtual size: 2KB

.KENF
Size: 2KB - Virtual size: 1KB