8ca37a50b310309ca8d956e0f5d56603_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8ca37a50b310309ca8d956e0f5d56603_JaffaCakes118
Size

159KB
MD5

8ca37a50b310309ca8d956e0f5d56603
SHA1

068d61f12583e801c871d36e296d419ef74c0c57
SHA256

18c4f8a2d3829a8cba284903a6f97e77a47e3f5552711b64c6aed8424e49b0b8
SHA512

c3b9c7d8970bf188cb34026500ac4e39909b140f748214780a4095be2f67000a286ce89ac25693ebb5ec34c2ad83049675d41b7a56f8f591695612d886d39d43
SSDEEP

3072:dXhmPjZSkXNUq4rnTeJjqFzcsvP+CaUbIZ2KlXOzIBs7v51qK:dxA1/XNQTeBqc+bG9WD51qK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ca37a50b310309ca8d956e0f5d56603_JaffaCakes118

Files

8ca37a50b310309ca8d956e0f5d56603_JaffaCakes118
.exe windows:4 windows x86 arch:x86

04f92e5c639a3eb24262feb58f1bc95c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetWindowPos
GetParent
TranslateMessage
GetClassInfoExW
LoadCursorW
CreateWindowExW
MapWindowPoints
SystemParametersInfoW
DestroyWindow
DispatchMessageW
GetDlgItemTextW
GetWindow
PeekMessageW
EndPaint
GetClientRect
GetWindowRect
GetAncestor
SetCapture
BeginPaint
SetWindowTextW
RegisterClassExW
SetDlgItemTextW
GetWindowTextLengthW
MessageBoxW
GetDC
GetWindowInfo
EndDialog

winspool.drv

DocumentPropertiesW

kernel32

FindResourceW
lstrcmpA
SizeofResource
VirtualFree
TlsAlloc
GetCurrentProcessId
CopyFileW
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
lstrcpynW
IsProcessorFeaturePresent
LCMapStringA
GetTickCount
TlsSetValue
lstrlenA
GetLocaleInfoA
CheckRemoteDebuggerPresent
HeapSize
GetOEMCP
WriteConsoleW
GetACP
SetLastError
HeapCreate
GetVersion
GetStartupInfoA
WideCharToMultiByte
GetStringTypeW
WritePrivateProfileSectionW
GetDriveTypeW
GetStringTypeA
Sleep
FlushInstructionCache
InterlockedCompareExchange
GetConsoleMode
EnumResourceTypesW
LocalAlloc
TlsGetValue
WriteConsoleA
IsDebuggerPresent
SetFilePointer
LoadResource
WaitForSingleObject
LoadLibraryA
FlushFileBuffers
GetConsoleOutputCP
QueryPerformanceCounter
LockResource
GetConsoleCP
MulDiv
GetThreadLocale
LCMapStringW
HeapDestroy
GetCurrentThreadId
InitializeCriticalSection
TlsFree
CreateFileA
GetCurrentProcess
GetCPInfo
InterlockedExchange
CreateFileMappingW
LocalFree
CreateSemaphoreW
VirtualAlloc
RaiseException
LeaveCriticalSection
SetStdHandle
GetFileType

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04f92e5c639a3eb24262feb58f1bc95c

Headers

File Characteristics

Imports

user32

winspool.drv

kernel32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 52KB - Virtual size: 51KB

.isete Size: 1024B - Virtual size: 100KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 52KB - Virtual size: 51KB

.isete
Size: 1024B - Virtual size: 100KB