89b8fb16637c69f1e93c5637030cbe97_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

89b8fb16637c69f1e93c5637030cbe97_JaffaCakes118
Size

84KB
MD5

89b8fb16637c69f1e93c5637030cbe97
SHA1

fa1e2219b6433fc5067fb0c69d1f2fe829afb3a4
SHA256

8597f631a2b1a6b2e1bddf256c2d1fd332ea4f021b7c547a01005b3a00ee68d8
SHA512

0196d11837e00e2bf85b174a70fa9aa14e0cfca39d61ef69903e09ee45117a4fec6314c8c0f105300c15b1be02eb27867423ea94512fcfb85bbc6fec8806316b
SSDEEP

1536:MMdMCZ45u9uIJkw9Kwi+cxGxZuACEUfYr0DnYvLx+fCk6nHOvT6cSltJlo4X2UY:jMZ57IJt1GG+HEUfYQDnUkfCkQqeTLox

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89b8fb16637c69f1e93c5637030cbe97_JaffaCakes118

Files

89b8fb16637c69f1e93c5637030cbe97_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2eba0dc0fd323cb0f7888c5582227d07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
OpenMutexW
GetSystemTimeAsFileTime
CallNamedPipeW
GetOEMCP
SetConsoleCursorInfo
GetCurrentThreadId
SetHandleContext
LoadLibraryA
GetStartupInfoA
HeapCreate
AddLocalAlternateComputerNameA
GetConsoleCommandHistoryLengthA
FreeEnvironmentStringsW
SetConsoleCursorMode
GetConsoleAliasExesW
GetTickCount
SetLocalTime
SetFileTime
GetLastError
QueryPerformanceCounter
EnumSystemCodePagesA
MultiByteToWideChar
SetEndOfFile
SetDefaultCommConfigA
GetCurrentProcessId
VirtualAlloc
InterlockedFlushSList
FlushConsoleInputBuffer
GetVersion
ReadConsoleOutputAttribute
GetProfileIntW
ExitVDM
SetProcessShutdownParameters

rpcrt4

short_from_ndr
pfnSizeRoutines
UuidIsNil
RpcCertGeneratePrincipalNameA
NdrNsGetBuffer
I_RpcBindingInqDynamicEndpointA
I_RpcConnectionInqSockBuffSize
RpcErrorClearInformation
NdrComplexStructFree
I_RpcExceptionFilter

gdi32

GetFontAssocStatus
GetTextCharset
HT_Get8BPPMaskPalette
FONTOBJ_pfdg
DdEntry30
GdiRealizationInfo
SelectClipRgn
GdiIsMetaPrintDC
EnumFontFamiliesA
GetPaletteEntries
GetRgnBox
GetBkColor
CreateEllipticRgnIndirect
GetKerningPairsA
GdiEntry4

ntprint

PSetupInstallPrinterDriver
PSetupIsTheDriverFoundInInfInstalled
PSetupFreeMem
PSetupDriverInfoFromName
PSetupInstallICMProfiles
PSetupGetDriverInfo3
PSetupSelectDeviceButtons
PSetupGetPathToSearch
PSetupGetLocalDataField
PSetupCreateMonitorInfo
PSetupGetSelectedDriverInfo
PSetupCreatePrinterDeviceInfoList
PSetupSelectDriver
PSetupCreateDrvSetupPage
PSetupAssociateICMProfiles
PSetupShowBlockedDriverUI
ClassInstall32
PSetupDestroyDriverInfo3
PSetupBuildDriversFromPath

ntdll

ZwSetEaFile
ZwReplyWaitReceivePort
isdigit
ZwAreMappedFilesTheSame
RtlTraceDatabaseDestroy
RtlpNtMakeTemporaryKey
NtQuerySystemEnvironmentValue
RtlIpv4AddressToStringA
_vsnwprintf
RtlSetSecurityObject
NtQueryTimerResolution
RtlEnlargedIntegerMultiply

msvcrt20

isupper
_ismbbkpunct
_fcvt
_unloaddll
_CIcos
_ultoa
?getline@istream@@QAEAAV1@PACHD@Z
_wtmpnam
_ismbbkana
??4iostream@@IAEAAV0@PAVstreambuf@@@Z
atof
?setbuf@ofstream@@QAEPAVstreambuf@@PADH@Z
?unbuffered@streambuf@@IAEXH@Z
?writepad@ostream@@AAEAAV1@PBD0@Z
??0ostrstream@@QAE@ABV0@@Z
?clrlock@streambuf@@QAEXXZ
_wmktemp
?epptr@streambuf@@IBEPADXZ
_lrotl
??1ofstream@@UAE@XZ
_makepath
?setbuf@strstreambuf@@UAEPAVstreambuf@@PADH@Z
_wtempnam
_fstat

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2eba0dc0fd323cb0f7888c5582227d07

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rpcrt4

gdi32

ntprint

ntdll

msvcrt20

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 21KB - Virtual size: 60KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 280B

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 21KB - Virtual size: 60KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 280B