4bd3985a3818a4ab1a648ad51d2cc800_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4bd3985a3818a4ab1a648ad51d2cc800_JaffaCakes118
Size

369KB
MD5

4bd3985a3818a4ab1a648ad51d2cc800
SHA1

b8b0edcb931574154377ac340548c9f5529e4911
SHA256

fd8aebfbc0aae23247e2dcb3f5d25d9485723f065ec3666c387f3936467b58dd
SHA512

67e2b05e1c9283adf15f60af5d592756f09ed54a3b5ed71fe059b2eb96a1929c0e322c3610999f65544f3b04a0aaeaf38b7df4377b30a19ebac6360b8ff968e5
SSDEEP

6144:7Bx3o5YH7lIhy+pGrEwtxXwAYZPyer29ciO1Py3UGVpV40glqGtgjiRd/kZEaeRy:/Y5I7lIRrwtBAZPye2lCyVYRqGtq0kZ8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bd3985a3818a4ab1a648ad51d2cc800_JaffaCakes118

Files

4bd3985a3818a4ab1a648ad51d2cc800_JaffaCakes118
.exe windows:4 windows x86 arch:x86

89ed967f18e6eaf4e6da4be27ee7bf17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconA
WindowFromPoint
IsWindow
GetDialogBaseUnits
IsWindowUnicode
DialogBoxParamA
BringWindowToTop
BeginDeferWindowPos
DestroyWindow
ShowOwnedPopups
CreateWindowExA

gdi32

DescribePixelFormat
GetBrushOrgEx
CloseEnhMetaFile
AddFontResourceW
GetBkMode
Ellipse
CreateDCA
FillRgn
BitBlt
GdiFlush
DeleteEnhMetaFile
DrawEscape
DeleteMetaFile

advapi32

SetTokenInformation
AccessCheck
ReportEventA
NotifyChangeEventLog
ReportEventW

kernel32

TlsGetValue
GetLastError
HeapDestroy
HeapCreate
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
GetStringTypeW
CreateMutexA
HeapCompact
GetCurrencyFormatA
GlobalFree
GetSystemDefaultLCID
ResetEvent
LocalReAlloc
VirtualFree
LeaveCriticalSection
HeapWalk
IsValidLocale
GlobalHandle
IsBadWritePtr
WritePrivateProfileStructA
GetProfileIntA
GetProcAddress
GetHandleInformation
VirtualAllocEx
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
SetLastError
GetACP
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
GetCPInfo

winspool.drv

GetPrinterDriverA
AddPrinterDriverA
ConnectToPrinterDlg
DeletePrinterConnectionA
ConfigurePortA
AbortPrinter
AdvancedDocumentPropertiesA
EnumPrintProcessorsA
EnumPrinterDriversA
DeletePrinterKeyA

netapi32

NetUseEnum
NetGetJoinableOUs
NetGroupAddUser
NetAuditWrite
NetGetAnyDCName
NetFileClose
NetErrorLogWrite
NetGetDCName
NetConfigSet
NetAuditRead
NetAuditClear

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nvd
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89ed967f18e6eaf4e6da4be27ee7bf17

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

winspool.drv

netapi32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 81KB

.nvd Size: 331KB - Virtual size: 330KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 81KB

.nvd
Size: 331KB - Virtual size: 330KB

.rsrc
Size: 3KB - Virtual size: 2KB