8a5f6fb6f0204ea36a80f484aa9251df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8a5f6fb6f0204ea36a80f484aa9251df_JaffaCakes118
Size

166KB
MD5

8a5f6fb6f0204ea36a80f484aa9251df
SHA1

9907eb2ea1cd161c4566af55d29135421f0434aa
SHA256

1476aeaa98821b38d7378d9a8c3328bfa04f6ec038a00994a2106f650360083a
SHA512

ab4b30bc5898ec71df5a784047de19824df6424e8542f8550cfb6ae880b56623db8d8c530d33d1c376dd0803c9a7174bad6eb535c263eb476b5b1214dcb3bc5f
SSDEEP

3072:h90Lj52MjvYJJQkXO4luFPJvXUJK2fZiduGsTxsTKU0fynL4TRow1FF6z954+a61:GNrjvQDuRJvWfZiduGSfNXTRowEJr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a5f6fb6f0204ea36a80f484aa9251df_JaffaCakes118

Files

8a5f6fb6f0204ea36a80f484aa9251df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

991ba5b2584ee757afde7e4b3b896b19

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

PeekMessageW
GetWindow
MessageBoxW
GetAncestor
SystemParametersInfoW
TranslateMessage
GetClientRect
DestroyWindow
GetDlgItemTextW
GetDC
MapWindowPoints
SetCapture
RegisterClassExW
SetWindowPos
GetParent
GetWindowRect
GetWindowTextLengthW
GetWindowInfo
SetDlgItemTextW
CreateWindowExW
BeginPaint
LoadCursorW
GetClassInfoExW
SetWindowTextW
EndPaint
DispatchMessageW
EndDialog

kernel32

GetConsoleCP
LCMapStringA
GetConsoleMode
LocalFree
HeapCreate
IsProcessorFeaturePresent
LCMapStringW
LockResource
FlushFileBuffers
lstrcpynW
GetCPInfo
lstrcmpA
lstrlenA
FlushInstructionCache
CheckRemoteDebuggerPresent
GetOEMCP
RaiseException
GetVersion
GetThreadLocale
InterlockedCompareExchange
WriteConsoleA
LoadLibraryA
WritePrivateProfileSectionW
CreateSemaphoreW
TlsSetValue
SizeofResource
InterlockedExchange
HeapDestroy
VirtualAlloc
SetFilePointer
VirtualFree
WriteConsoleW
LocalAlloc
WaitForSingleObject
GetStringTypeW
EnumResourceTypesW
TlsGetValue
SetLastError
GetCurrentProcessId
IsDebuggerPresent
FindResourceW
Sleep
GetStringTypeA
LoadResource
WideCharToMultiByte
SetUnhandledExceptionFilter
LeaveCriticalSection
GetCurrentThreadId
GetLocaleInfoA
GetStartupInfoA
TlsAlloc
CopyFileW
GetACP
InitializeCriticalSection
CreateFileA
MulDiv
SetStdHandle
GetConsoleOutputCP
HeapSize
GetSystemTimeAsFileTime
GetDriveTypeW
CreateFileMappingW
QueryPerformanceCounter
TlsFree
GetCurrentProcess
GetTickCount
GetFileType

winspool.drv

DocumentPropertiesW

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

991ba5b2584ee757afde7e4b3b896b19

Headers

File Characteristics

Imports

user32

kernel32

winspool.drv

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 53KB - Virtual size: 53KB

.isete Size: 1024B - Virtual size: 244KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 53KB - Virtual size: 53KB

.isete
Size: 1024B - Virtual size: 244KB