a420e7747c8fa231c1e0206c820d66d3_JaffaCakes118

General

Target

a420e7747c8fa231c1e0206c820d66d3_JaffaCakes118
Size

334KB
MD5

a420e7747c8fa231c1e0206c820d66d3
SHA1

0b2f4c62bb706ed8fca36839040bd6ddfd422c5b
SHA256

f24db7bee5fa5b7cbdedc46d717e490dc62a14e8f3c3913517163c000d672dd9
SHA512

70844cc94ac1c006ceb09843796e574de3ba8cce94efdf35757986d3dc201413d791f2c0658f16f40b43542eb7964d1aa5b6740414b9ebdc69a529933bc87a33
SSDEEP

6144:XuDcv4gRv9SJOWdY2gj2YbVY2XmFtpQsuEKIe5T88vIIQQwSlg:XuYT9SJOWi2J2WFPFIII7lg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a420e7747c8fa231c1e0206c820d66d3_JaffaCakes118

Files

a420e7747c8fa231c1e0206c820d66d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6be81e63720784c46030c4c9769fdd13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindowAsync
GetWindowTextA
GetWindowRect
DefDlgProcA
SendDlgItemMessageA
ArrangeIconicWindows
DeferWindowPos
EndDeferWindowPos
CascadeWindows
GetNextDlgGroupItem

kernel32

GetStartupInfoA
GetModuleHandleA
GetEnvironmentVariableA
FreeEnvironmentStringsA
OpenMutexA
ReleaseSemaphore
LocalReAlloc
LocalFree
TlsSetValue
SetEvent
GetProcAddress
GetStdHandle
LocalHandle
LocalLock
QueryPerformanceCounter
ReleaseMutex
GetProcessHeap
ResumeThread
TlsGetValue
GetACP
GetLastError
SuspendThread
VirtualAlloc

winspool.drv

ClosePrinter
AddFormA
AdvancedDocumentPropertiesA
AddPrinterA
DeleteFormA
AddJobA
DeletePrinter
ConfigurePortA
AddPrinterConnectionA
DeletePrinterKeyA
DeletePrinterDataA
DeletePrinterConnectionA
ConnectToPrinterDlg
AbortPrinter

msvcrt

_XcptFilter
_exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
exit
_controlfp
_except_handler3

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6be81e63720784c46030c4c9769fdd13

Headers

File Characteristics

Imports

user32

kernel32

winspool.drv

msvcrt

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 314KB - Virtual size: 314KB

.data Size: 512B - Virtual size: 94KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 314KB - Virtual size: 314KB

.data
Size: 512B - Virtual size: 94KB

.rsrc
Size: 5KB - Virtual size: 5KB