3aac26b619365fdb3f420e258387374e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3aac26b619365fdb3f420e258387374e_JaffaCakes118
Size

265KB
MD5

3aac26b619365fdb3f420e258387374e
SHA1

3f16d7896808e02992ed5fca9db6de963343e7e3
SHA256

5c6e67b130f533086fa59e75e9107352331c9e36b3c6cad0de6e49bb3b4f9a8f
SHA512

a23082879b651e4162e7630c3e4efa8e8a528c9403f3f6cbca3a3d96eb8992bd0f0e409e2b4764a22a563c6914e385fb022b4ced6981f54639c86421a759d460
SSDEEP

6144:dH4Tmfn8dMwBnVpV21WBMA41aZcCfZ34+rDLr:d6m85nXV21Wi1aZPh3ZH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aac26b619365fdb3f420e258387374e_JaffaCakes118

Files

3aac26b619365fdb3f420e258387374e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6cb9cc5d8e2ecdb5ac363cb6a8f3c231

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoTaskMemFree
CoCreateGuid
IIDFromString
CoTaskMemRealloc
CoTaskMemAlloc

rpcrt4

UuidFromStringW
UuidCreate

kernel32

GetUserDefaultLangID
LockResource
FormatMessageW
SystemTimeToFileTime
OpenThread
lstrlenW
IsDebuggerPresent
GetCurrentThreadId
LocalFree
RaiseException
GetDriveTypeW
CloseHandle
SystemTimeToTzSpecificLocalTime
LeaveCriticalSection
EnterCriticalSection
GetFileSize
LoadResource
lstrlenA
SetUnhandledExceptionFilter
DeleteCriticalSection
CreateFileW
GetModuleHandleW
LocalAlloc
LoadLibraryExW
GetSystemTime
HeapReAlloc
SetLastError
ReadFile
FileTimeToSystemTime
FindResourceW
GetProcessHeap
GetNumberFormatW
SizeofResource
HeapFree
FindResourceExW
HeapSize
FreeLibrary
GetSystemTimeAsFileTime
OutputDebugStringW
GetTimeZoneInformation
HeapAlloc
UnhandledExceptionFilter
HeapDestroy
lstrcmpiW
GetCurrentDirectoryA
VirtualAllocEx

user32

GetForegroundWindow
GetSystemMetrics
GetActiveWindow
LoadStringW
SetCursor
GetTopWindow
GetDesktopWindow
SystemParametersInfoW
CharNextW
LoadCursorW

oleaut32

VarUI4FromStr
VariantClear

winspool.drv

SetPrinterA
XcvDataW
DeletePrinterKeyA
AddPrinterDriverA
AdvancedDocumentPropertiesW
SpoolerPrinterEvent
AddPrintProcessorW
EnumPrinterDriversA
DocumentPropertiesW
AddFormW
AddPrinterW
GetPrinterDriverDirectoryW

kbdur

KbdLayerDescriptor

Sections

.Rncx
Size: 1024B - Virtual size: 18KB

IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bmTUB
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.WySP
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rWIqOwD
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nrrW
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.EmBZyQ
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PtVR
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TlfSNwR
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.AEZK
Size: 1024B - Virtual size: 585B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cb9cc5d8e2ecdb5ac363cb6a8f3c231

Headers

DLL Characteristics

File Characteristics

Imports

ole32

rpcrt4

kernel32

user32

oleaut32

winspool.drv

kbdur

Sections

.Rncx Size: 1024B - Virtual size: 18KB

.text Size: 18KB - Virtual size: 18KB

.bmTUB Size: 1KB - Virtual size: 1KB

.WySP Size: 3KB - Virtual size: 2KB

.rWIqOwD Size: 1KB - Virtual size: 1KB

.nrrW Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 325KB

.rdata Size: 208KB - Virtual size: 207KB

.EmBZyQ Size: 3KB - Virtual size: 2KB

.PtVR Size: 2KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

.TlfSNwR Size: 2KB - Virtual size: 1KB

.AEZK Size: 1024B - Virtual size: 585B

.Rncx
Size: 1024B - Virtual size: 18KB

.text
Size: 18KB - Virtual size: 18KB

.bmTUB
Size: 1KB - Virtual size: 1KB

.WySP
Size: 3KB - Virtual size: 2KB

.rWIqOwD
Size: 1KB - Virtual size: 1KB

.nrrW
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 325KB

.rdata
Size: 208KB - Virtual size: 207KB

.EmBZyQ
Size: 3KB - Virtual size: 2KB

.PtVR
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB

.TlfSNwR
Size: 2KB - Virtual size: 1KB

.AEZK
Size: 1024B - Virtual size: 585B