8abdfa826e73aa978c1d2051232bbd53_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8abdfa826e73aa978c1d2051232bbd53_JaffaCakes118
Size

340KB
MD5

8abdfa826e73aa978c1d2051232bbd53
SHA1

689f1d49805a4c4c430334eed7c5638bf2512f8f
SHA256

9ee00a5baf85b5630db1ed4e3a5fdc718c585c0bee415fddb375b9136f608cac
SHA512

fee9b24c6572f6933dad6ad53b6fed046cab1e57c4937cce7c1ca48e39d4092f0e06a8ff0db4c7c2b09465fc9fd432465aba8022d5b0a4ad729271334a4f2db5
SSDEEP

6144:fvCy5pqXS7Et6odFyahT9IcBUz+tFIH+3rFqQZfTn6mzkiigiN1xj:fvCyLSvhpIcBb4AxqQZfr6LhN3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8abdfa826e73aa978c1d2051232bbd53_JaffaCakes118

Files

8abdfa826e73aa978c1d2051232bbd53_JaffaCakes118
.exe windows:4 windows x86 arch:x86

433158eecbfdbe2976947076205107cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AdjustWindowRect
IsIconic
GetDesktopWindow
FindWindowA
IsWindow
GetDlgCtrlID
AdjustWindowRectEx
DeferWindowPos
MessageBoxExA
EndDialog
DestroyWindow
TranslateMessage
DispatchMessageA
GetClipboardData
LoadCursorA
LoadIconA
SetClipboardData
OpenClipboard

gdi32

DrawEscape
CopyEnhMetaFileA
CopyMetaFileA
CloseMetaFile
GetAspectRatioFilterEx
CloseEnhMetaFile
EnumObjects
ExtFloodFill
AddFontResourceW
CreateDiscardableBitmap
Ellipse
GdiComment
Chord
BitBlt

advapi32

RegOpenKeyA
RegUnLoadKeyA
RegQueryValueA
RegisterEventSourceA
RegOpenKeyExA
NotifyChangeEventLog
RegEnumValueA
OpenEventLogW

kernel32

WriteProfileSectionA
WritePrivateProfileStringA
WritePrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetProcAddress
TlsGetValue
GetStartupInfoA
VirtualAllocEx
GetEnvironmentStrings
GetStdHandle
QueryPerformanceCounter
LCMapStringA
TlsSetValue
GetTickCount
GetCommandLineA
GetModuleHandleA
GetModuleFileNameA
VerLanguageNameA
SetEvent
VirtualProtect
LeaveCriticalSection
IsBadReadPtr
MultiByteToWideChar
LocalUnlock
GetACP
GlobalMemoryStatus
GetStringTypeW
IsBadStringPtrA
GetCPInfo
ResetEvent
CreateSemaphoreA
GlobalLock

version

GetFileVersionInfoA
VerFindFileA
GetFileVersionInfoSizeA
VerInstallFileA
VerQueryValueA

winspool.drv

GetPrinterDriverW
AdvancedDocumentPropertiesA
AddPrinterDriverA
DeletePrinterConnectionW
GetPrinterW
AddFormA
AddPrinterConnectionW
ClosePrinter
AddPrinterDriverExW
EnumJobsW
ConnectToPrinterDlg
EnumPrintersW
AddPrinterDriverExA
EnumPrintProcessorsW
DeletePrinterDriverExW

netapi32

NetRenameMachineInDomain
NetConfigSet
NetGetJoinInformation
NetGroupAdd
NetAuditClear
Netbios
NetConfigGet
NetConnectionEnum
NetErrorLogClear
NetErrorLogRead
NetConfigGetAll
NetFileEnum
NetGetDCName
NetGetAnyDCName
NetGetJoinableOUs

msvcrt

__p__commode
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_exit
exit

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

433158eecbfdbe2976947076205107cb

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

version

winspool.drv

netapi32

msvcrt

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 314KB - Virtual size: 420KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 314KB - Virtual size: 420KB

.rsrc
Size: 4KB - Virtual size: 3KB