a8d4b52d5c2cab5c4f7636a6393e1da9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a8d4b52d5c2cab5c4f7636a6393e1da9_JaffaCakes118
Size

268KB
MD5

a8d4b52d5c2cab5c4f7636a6393e1da9
SHA1

5ac0e70b0e26562e98a22a9d32e71246df5caf3b
SHA256

2da525468e601a9ee2bf2ee9c78364d802808b5c944571fc13344f5d9c9d5b9b
SHA512

eb35eaca8a1cb5dbd009659126074ea1dbe36091715def62ddc6630541fabdbd413b0d8ea832dd4f493a92e84e031a87e385511584613543cdd04023b635cd78
SSDEEP

6144:hlU4viFd2acXq6VBq3HTxBQypiSaZYwJdrL9logkLyXt1H+Rlna:hfvij2nBIHNBQypiSaV/3o1yXtx+R8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8d4b52d5c2cab5c4f7636a6393e1da9_JaffaCakes118

Files

a8d4b52d5c2cab5c4f7636a6393e1da9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d10d8577c941ae030fb13534482f1ed3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

GetVersionExW
GetLastError
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
GetEnvironmentStringsW
GetEnvironmentStrings
GetOEMCP
GetACP
SetEnvironmentVariableA
GetDriveTypeA
GetLocaleInfoW
MultiByteToWideChar
WideCharToMultiByte
RtlUnwind
RaiseException
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
GetVersion
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
SetUnhandledExceptionFilter
HeapSize
GetModuleHandleA
GetFullPathNameW
GetCurrentDirectoryA
IsBadWritePtr
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
CloseHandle
FlushFileBuffers
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetModuleFileNameA
VirtualAlloc
GetVersionExA
SetFilePointer
SetStdHandle
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
IsBadReadPtr
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
IsBadCodePtr
GetCurrentDirectoryW
LoadLibraryA
ReadFile

winspool.drv

EnumPortsW
ConfigurePortW
OpenPrinterW
ClosePrinter

advapi32

RegOpenKeyExW
RegSetValueExW
RegCloseKey

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d10d8577c941ae030fb13534482f1ed3

Headers

File Characteristics

Imports

version

kernel32

winspool.drv

advapi32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 164KB - Virtual size: 164KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 164KB - Virtual size: 164KB