a1ea6bc4a6061cf282b323ba6c602ac9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a1ea6bc4a6061cf282b323ba6c602ac9_JaffaCakes118
Size

1.0MB
MD5

a1ea6bc4a6061cf282b323ba6c602ac9
SHA1

34c9192cbd88159fdb55d411f5b2f5bc26040b67
SHA256

1954423c8389a9ac49f6c42bc27ac0acfeceb24ac3ef66a0ef531fc6dbd2c608
SHA512

e7a5651e9748e293e30ade7eec0754f2d556164e5189d033021beb938d6bfaae23a6b2466fe3fee9dee907853d2cf4a96bbca5a9ce9102bb996120f206c798ca
SSDEEP

6144:CFY9MXDrXWtr7CZu+0eF/a3cSjYezZeP4GGPoGXhbYzXx:CFY9MXDitrmo+0ekzjYezZejGQ1x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1ea6bc4a6061cf282b323ba6c602ac9_JaffaCakes118

Files

a1ea6bc4a6061cf282b323ba6c602ac9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f2a5cfc485d6586989f47062ada65234

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetVersionExA
WritePrivateProfileStringA
SetFileAttributesA
DeleteFileA
GetFullPathNameA
GetStringTypeA
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
WideCharToMultiByte
SetEvent
CreateEventA
GetTickCount
MoveFileExA
Sleep
CreateProcessA
WaitForSingleObject
LoadLibraryA
GetProcAddress
FreeLibrary
CopyFileA
GetLastError
FindNextFileA
GetSystemDefaultLangID
FindFirstFileA
FindClose
CreateFileA
GetFileTime
SetEnvironmentVariableA
CloseHandle
CompareFileTime
GetWindowsDirectoryA
CreateDirectoryA
GetStringTypeW
SetStdHandle
IsBadCodePtr
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
RaiseException
HeapFree
FlushFileBuffers
WriteFile
HeapAlloc
HeapReAlloc
HeapSize
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
ReadFile
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
SetEndOfFile

winspool.drv

DeletePrinterDriverA
OpenPrinterA
GetPrinterDriverA
DeletePrinter
ClosePrinter
EnumPrinterDriversA
EnumPrintersA

advapi32

QueryServiceStatus
IsTextUnicode
DeleteService
OpenServiceA
ControlService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegQueryInfoKeyA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
StartServiceCtrlDispatcherA

Sections

.text
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 780KB - Virtual size: 790KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f2a5cfc485d6586989f47062ada65234

Headers

File Characteristics

Imports

kernel32

winspool.drv

advapi32

Sections

.text Size: 220KB - Virtual size: 216KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 780KB - Virtual size: 790KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 220KB - Virtual size: 216KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 780KB - Virtual size: 790KB

.rsrc
Size: 24KB - Virtual size: 24KB