8539e5972df45121efb8f768f199d98d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8539e5972df45121efb8f768f199d98d_JaffaCakes118
Size

129KB
MD5

8539e5972df45121efb8f768f199d98d
SHA1

57a47057f5d604874e9add761074a03f6bb2d977
SHA256

0dd8d139ed31353e6e001d27c948089724e02578d0c000b4081cfe3230567e0d
SHA512

ba0cfb63fdf8825319ef7bae6c72d1f843fcfbcc4995b8586ebf4a5c7d728f479d50a348463dab8283cf992758507132dc362ca6bc4b86e5ebc647d22d942db7
SSDEEP

3072:hktmWtf02COUNJBmMFx4Moh3XchN6NcP3jLPYJH5+vA:hItf0tOUrBmMx4lH88Nm3Pwf+Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8539e5972df45121efb8f768f199d98d_JaffaCakes118

Files

8539e5972df45121efb8f768f199d98d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

23d33012fc44e30559523e97ced74316

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBitmapBits
DrawEscape
SetPixel
GetCurrentObject
GetTextCharacterExtra
OffsetClipRgn
FillRgn
GetSystemPaletteUse
OffsetViewportOrgEx
GetBkMode

winspool.drv

DeletePrinterConnectionW

user32

MessageBoxA
GetWindowDC
BringWindowToTop
ReleaseDC
DestroyWindow
FindWindowW
LoadIconA
CreateIconIndirect
TabbedTextOutW
RegisterWindowMessageW

msvcrt

iswspace
isprint
setlocale
fwprintf

kernel32

FoldStringW
GetModuleHandleW
GetShortPathNameW
UnhandledExceptionFilter
CreateFileMappingA
GetPriorityClass
lstrlenA
lstrcmpiW
GetAtomNameW
SetSystemTime

comdlg32

PrintDlgExW
GetSaveFileNameA

Exports

Exports

_GzPzuRjd_ueqJtpT@4
_Iabfyhca_zybfuso@16
_Aafrzopry_uynj@8
_MfsNrgxh_Vvyvh@4
_Vislxsfua_easbin@8

Sections

.icode
Size: 512B - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vars
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.base
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23d33012fc44e30559523e97ced74316

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

winspool.drv

user32

msvcrt

kernel32

comdlg32

Exports

Exports

Sections

.icode Size: 512B - Virtual size: 308KB

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.vars Size: 1024B - Virtual size: 1024B

.base Size: 1024B - Virtual size: 852B

.data Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 105KB - Virtual size: 105KB

.reloc Size: 1024B - Virtual size: 960B

.icode
Size: 512B - Virtual size: 308KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.vars
Size: 1024B - Virtual size: 1024B

.base
Size: 1024B - Virtual size: 852B

.data
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 105KB - Virtual size: 105KB

.reloc
Size: 1024B - Virtual size: 960B