4bd82c6a8ca6ab8f8c01fb8af9366974_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4bd82c6a8ca6ab8f8c01fb8af9366974_JaffaCakes118
Size

96KB
MD5

4bd82c6a8ca6ab8f8c01fb8af9366974
SHA1

c224ce41cf9a23d89e21f8bd42f3411786872dc5
SHA256

d439735560db294b29273e43c3aa6d7b29e9e74b2d8403b02757cbfd0387b349
SHA512

a822b61101b0b7e09daae1667761918de65554c01af90fbc59ac082e37499b7ffc6e101a289dc46a156d8e962c478b946709fe1133cc2cf7ec1eeb581ff451a4
SSDEEP

1536:Izn+ZDW7B6eMC9Jg/6ufJ2eAaPDPDaX6/vEbCp4KpLP92O8dvERRzwlQMwR:On4CGfEpSjD26HEWRPYO8dvELzgQMwR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bd82c6a8ca6ab8f8c01fb8af9366974_JaffaCakes118

Files

4bd82c6a8ca6ab8f8c01fb8af9366974_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5c371dbe1809a0427543bf1c5705e863

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

atol
fgetwc
strpbrk
_vsnprintf
sscanf
wcslen

user32

GetCaretBlinkTime
ClientToScreen
HideCaret
ReleaseDC
GrayStringW
ScrollWindowEx
GetCaretPos
CharLowerW
GetWindowTextLengthA
EnumPropsExA

winspool.drv

AddPrinterConnectionW

kernel32

lstrlenA
LockResource
SetFileAttributesA
GetCPInfo
FindResourceA
SetFileTime
GetModuleHandleA
SetThreadLocale
CompareStringA
GetEnvironmentVariableA
OpenEventW

gdi32

CreateCompatibleDC
GetBkMode
LineDDA
StartPage
RemoveFontResourceW
OffsetRgn

Exports

Exports

_Dpnuillqp_zzlgZc@4
_Mbljybwv_hkhar@4
_DPrutpje_hvyxNfe@8
_MDsnptCq_fqxtR@8

Sections

.icode
Size: 512B - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vars
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.base
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c371dbe1809a0427543bf1c5705e863

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

user32

winspool.drv

kernel32

gdi32

Exports

Exports

Sections

.icode Size: 512B - Virtual size: 308KB

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 2KB - Virtual size: 2KB

.vars Size: 1024B - Virtual size: 1024B

.base Size: 1024B - Virtual size: 776B

.data Size: 1024B - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 105KB - Virtual size: 105KB

.reloc Size: 5KB - Virtual size: 5KB

.icode
Size: 512B - Virtual size: 308KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 2KB - Virtual size: 2KB

.vars
Size: 1024B - Virtual size: 1024B

.base
Size: 1024B - Virtual size: 776B

.data
Size: 1024B - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 105KB - Virtual size: 105KB

.reloc
Size: 5KB - Virtual size: 5KB