69a1e7909fbd73e72ec93dc9f5c17856_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69a1e7909fbd73e72ec93dc9f5c17856_JaffaCakes118
Size

369KB
MD5

69a1e7909fbd73e72ec93dc9f5c17856
SHA1

2e6857888ffb4ea6f1515a3fc1f2ce8cef3239bf
SHA256

69a3611b17d540e18ab15778f4774bee6db8c36bd33ff42c788b13baa5f58744
SHA512

ae52c15374205daa799d60a9465fa0e79ce9b03f64fcf313273c005a68a372346b904353ae492d60d081b4c7f2531168c758bb1fb8441dac224ba6a733596797
SSDEEP

6144:aEa3yjNkep05tGZcJV38CwkjDjWmiw3GETtBz57OOwlqJSX9zGmm+A:mCjmep05tZJBvziu3/bNOxOSNBA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69a1e7909fbd73e72ec93dc9f5c17856_JaffaCakes118

Files

69a1e7909fbd73e72ec93dc9f5c17856_JaffaCakes118
.exe windows:4 windows x86 arch:x86

89ed967f18e6eaf4e6da4be27ee7bf17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconA
WindowFromPoint
IsWindow
GetDialogBaseUnits
IsWindowUnicode
DialogBoxParamA
BringWindowToTop
BeginDeferWindowPos
DestroyWindow
ShowOwnedPopups
CreateWindowExA

gdi32

DescribePixelFormat
GetBrushOrgEx
CloseEnhMetaFile
AddFontResourceW
GetBkMode
Ellipse
CreateDCA
FillRgn
BitBlt
GdiFlush
DeleteEnhMetaFile
DrawEscape
DeleteMetaFile

advapi32

SetTokenInformation
AccessCheck
ReportEventA
NotifyChangeEventLog
ReportEventW

kernel32

TlsGetValue
GetLastError
HeapDestroy
HeapCreate
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
GetStringTypeW
CreateMutexA
HeapCompact
GetCurrencyFormatA
GlobalFree
GetSystemDefaultLCID
ResetEvent
LocalReAlloc
VirtualFree
LeaveCriticalSection
HeapWalk
IsValidLocale
GlobalHandle
IsBadWritePtr
WritePrivateProfileStructA
GetProfileIntA
GetProcAddress
GetHandleInformation
VirtualAllocEx
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
SetLastError
GetACP
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
GetCPInfo

winspool.drv

GetPrinterDriverA
AddPrinterDriverA
ConnectToPrinterDlg
DeletePrinterConnectionA
ConfigurePortA
AbortPrinter
AdvancedDocumentPropertiesA
EnumPrintProcessorsA
EnumPrinterDriversA
DeletePrinterKeyA

netapi32

NetUseEnum
NetGetJoinableOUs
NetGroupAddUser
NetAuditWrite
NetGetAnyDCName
NetFileClose
NetErrorLogWrite
NetGetDCName
NetConfigSet
NetAuditRead
NetAuditClear

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qinm
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89ed967f18e6eaf4e6da4be27ee7bf17

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

winspool.drv

netapi32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 81KB

.qinm Size: 331KB - Virtual size: 330KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 81KB

.qinm
Size: 331KB - Virtual size: 330KB

.rsrc
Size: 3KB - Virtual size: 2KB