a518e94efd43ff48daea0182747e734b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a518e94efd43ff48daea0182747e734b_JaffaCakes118
Size

2.4MB
MD5

a518e94efd43ff48daea0182747e734b
SHA1

983094a786a4e631c882ceaa53a5cb4200fc0f9f
SHA256

53deb378269e2761bd0c7405300eef322356bf8c9ee95b9bff894ac18648e0c5
SHA512

229e1a65e3fc33f9673ac7c54ebcadf2dcb34e739f2eb9bb53d5f7a15c7442cacc3732ed31882a38e5552cd951ceffb63e02fb5e8d49e779d69a151f618ba475
SSDEEP

49152:E4eNu9wmaTzHwDkoM4GhHkmdMFBbAIVr++PDGKxDxgEnZ7:E4Cu9wXzHwDd0EmdOBbAIdFPK9EZ7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a518e94efd43ff48daea0182747e734b_JaffaCakes118

Files

a518e94efd43ff48daea0182747e734b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e3fbf7c944095a8feb6150734ecf098b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteDC
Polyline
CreateCompatibleDC
GetFontData
CreateDIBitmap
SetBkColor
GetObjectA
ExtTextOutW
GetNearestColor
CreateDiscardableBitmap
SetWindowExtEx
UpdateColors
DescribePixelFormat
GetMetaFileA
TextOutA
RemoveFontResourceW

kernel32

GetProcessHeap
LoadLibraryExW
GetPrivateProfileIntA
CreateSemaphoreA
MultiByteToWideChar
LocalAlloc
CreateProcessW
GetSystemInfo
LoadLibraryExA
CreateWaitableTimerW
CreateMutexA
GetCPInfoExA
LocalFree
LoadLibraryA
FindResourceA
GetTickCount
GetLocaleInfoA
GetThreadContext
GetCommState
EnumResourceTypesA
SetProcessWorkingSetSize
SetEndOfFile
WaitForSingleObjectEx
GetBinaryTypeA
GetCommandLineW
WaitForSingleObject

dbghelp

GetTimestampForLoadedLibrary
SymGetModuleInfo
SymMatchFileName
SymLoadModule
SymEnumerateSymbolsW
SymCleanup
SymInitialize
SymGetModuleInfoW
ImagehlpApiVersionEx

comctl32

ImageList_AddMasked
ImageList_Remove
PropertySheetA
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_Draw
CreatePropertySheetPageW
ImageList_Read
ImageList_Create
ImageList_GetImageCount
ImageList_Write

msvcrt

strerror
sprintf
vfprintf
memcpy
wprintf
wcsrchr
strstr
fprintf
wcstod
strspn
ungetc
strpbrk
memset

user32

DrawFrameControl
GetKeyboardLayoutList
CreateAcceleratorTableA
IsRectEmpty
OemToCharBuffA
SetCursorPos
GetMenu
InflateRect
DrawFocusRect
GetUpdateRect
GetMenuStringA
DialogBoxParamW
SetMenuItemBitmaps
GetKeyState
SetCursor
RedrawWindow
RemoveMenu
InsertMenuW
ModifyMenuA
LoadStringW
GetPropW
DialogBoxIndirectParamW
TrackPopupMenuEx
SendMessageW
WaitMessage
CreatePopupMenu

winspool.drv

DeviceCapabilitiesA

Exports

Exports

_HxH_egfjD_dNb@4
_DcYa_qlopa_mbv@8
_NzUVP_wejia@16
_ZeNXQ_lRkxz_wil@4
_Login_User_ToSystem@8
_SpAo_rvxwj_wcpTm@4
_Terminate_User_Threads@12

Sections

.code
Size: 512B - Virtual size: 6.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 650B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3fbf7c944095a8feb6150734ecf098b

Headers

File Characteristics

Imports

gdi32

kernel32

dbghelp

comctl32

msvcrt

user32

winspool.drv

Exports

Exports

Sections

.code Size: 512B - Virtual size: 6.5MB

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 1024B - Virtual size: 650B

.code
Size: 512B - Virtual size: 6.5MB

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 1024B - Virtual size: 650B