3594a801e992bc6978e9a3e8991e254f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3594a801e992bc6978e9a3e8991e254f_JaffaCakes118
Size

179KB
MD5

3594a801e992bc6978e9a3e8991e254f
SHA1

cf107e93ee9232477577a1fcfafd75ec8164ac0a
SHA256

ccc1c6c7591146e1394803c0e8efb389ca0c06ceb5e353b86149512d5ab32ac0
SHA512

e58e5e0b8e541b9700cdbad69910ba021758fb480877df755a2f7dc748c12f4c4a4f643ec4618641352f5bbeb19aac51aa3688c58c4ab2fa2a30713b7b3d7ece
SSDEEP

3072:EroFt9BLoTx6Pct0MRhMNHTpfCSzCMab+yWO+LJW3DSdaiT7E8Hx8C4UFUbu7/IF:Ht9Nct0MSlheg6zwR53q+IWzw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3594a801e992bc6978e9a3e8991e254f_JaffaCakes118

Files

3594a801e992bc6978e9a3e8991e254f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d19843c4ddd233e798c443af0c41990

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winspool.drv

DocumentPropertiesW

kernel32

GetLocaleInfoA
InterlockedCompareExchange
SetUnhandledExceptionFilter
HeapSize
GetVersion
QueryPerformanceCounter
TlsAlloc
lstrcpynW
WritePrivateProfileSectionW
VirtualFree
LeaveCriticalSection
WaitForSingleObject
FindResourceW
GetACP
WriteConsoleA
LocalAlloc
GetDriveTypeW
LCMapStringW
GetTickCount
CreateFileMappingW
GetConsoleMode
CheckRemoteDebuggerPresent
TlsGetValue
VirtualAlloc
FlushFileBuffers
GetStartupInfoA
CreateSemaphoreW
GetThreadLocale
EnumResourceTypesW
GetCurrentProcess
CreateFileA
SetFilePointer
GetOEMCP
lstrlenA
InterlockedExchange
Sleep
GetStringTypeW
GetSystemTimeAsFileTime
SetLastError
SetStdHandle
LoadResource
GetCurrentThreadId
GetConsoleCP
CopyFileW
WideCharToMultiByte
InitializeCriticalSection
GetCurrentProcessId
lstrcmpA
LoadLibraryA
RaiseException
IsProcessorFeaturePresent
HeapDestroy
SizeofResource
FlushInstructionCache
LockResource
HeapCreate
MulDiv
GetCPInfo
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
TlsSetValue
LocalFree
LCMapStringA
IsDebuggerPresent
TlsFree
GetFileType

user32

BeginPaint
EndPaint
LoadCursorW
MessageBoxW
SystemParametersInfoW
SetDlgItemTextW
GetAncestor
GetWindowInfo
GetDlgItemTextW
GetClassInfoExW
MapWindowPoints
PeekMessageW
GetParent
GetDC
TranslateMessage
DispatchMessageW
DestroyWindow
RegisterClassExW
GetWindowTextLengthW
SetWindowPos
GetClientRect
SetCapture
SetWindowTextW
GetWindow
CreateWindowExW
GetWindowRect
EndDialog

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d19843c4ddd233e798c443af0c41990

Headers

File Characteristics

Imports

winspool.drv

kernel32

user32

Sections

.text Size: 121KB - Virtual size: 120KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 54KB - Virtual size: 53KB

.isete Size: 1024B - Virtual size: 112KB

.text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 54KB - Virtual size: 53KB

.isete
Size: 1024B - Virtual size: 112KB