8663333d471e35618fd6761425134931_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8663333d471e35618fd6761425134931_JaffaCakes118
Size

369KB
MD5

8663333d471e35618fd6761425134931
SHA1

2fc640bf46e0a9b60675a880121279cdfd621f72
SHA256

4752ad2427aaa0cae0f1b60af4f722490e03fa833b462c51c22f530d7d40d6f9
SHA512

3a10708e152571bc63d6e069d655decc0a17dda95efab704ac4f501f50963acf3d6a15995c904ba44470947ff30ccf04cbc075739577881e545dfdcda7d34470
SSDEEP

6144:OEX3Wvpd+ostCY5bQIqzHqrKMcwfnfyxCeb8UF46cdfWH728xVs3:3ccXXBfUTY/6cdfWb/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8663333d471e35618fd6761425134931_JaffaCakes118

Files

8663333d471e35618fd6761425134931_JaffaCakes118
.exe windows:4 windows x86 arch:x86

89ed967f18e6eaf4e6da4be27ee7bf17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconA
WindowFromPoint
IsWindow
GetDialogBaseUnits
IsWindowUnicode
DialogBoxParamA
BringWindowToTop
BeginDeferWindowPos
DestroyWindow
ShowOwnedPopups
CreateWindowExA

gdi32

DescribePixelFormat
GetBrushOrgEx
CloseEnhMetaFile
AddFontResourceW
GetBkMode
Ellipse
CreateDCA
FillRgn
BitBlt
GdiFlush
DeleteEnhMetaFile
DrawEscape
DeleteMetaFile

advapi32

SetTokenInformation
AccessCheck
ReportEventA
NotifyChangeEventLog
ReportEventW

kernel32

TlsGetValue
GetLastError
HeapDestroy
HeapCreate
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
GetStringTypeW
CreateMutexA
HeapCompact
GetCurrencyFormatA
GlobalFree
GetSystemDefaultLCID
ResetEvent
LocalReAlloc
VirtualFree
LeaveCriticalSection
HeapWalk
IsValidLocale
GlobalHandle
IsBadWritePtr
WritePrivateProfileStructA
GetProfileIntA
GetProcAddress
GetHandleInformation
VirtualAllocEx
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
SetLastError
GetACP
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
GetCPInfo

winspool.drv

GetPrinterDriverA
AddPrinterDriverA
ConnectToPrinterDlg
DeletePrinterConnectionA
ConfigurePortA
AbortPrinter
AdvancedDocumentPropertiesA
EnumPrintProcessorsA
EnumPrinterDriversA
DeletePrinterKeyA

netapi32

NetUseEnum
NetGetJoinableOUs
NetGroupAddUser
NetAuditWrite
NetGetAnyDCName
NetFileClose
NetErrorLogWrite
NetGetDCName
NetConfigSet
NetAuditRead
NetAuditClear

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hefxs
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89ed967f18e6eaf4e6da4be27ee7bf17

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

winspool.drv

netapi32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 81KB

.hefxs Size: 331KB - Virtual size: 330KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 81KB

.hefxs
Size: 331KB - Virtual size: 330KB

.rsrc
Size: 3KB - Virtual size: 2KB