bcb775f551fee7e40dd1993d3faad9ac_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bcb775f551fee7e40dd1993d3faad9ac_JaffaCakes118
Size

65KB
MD5

bcb775f551fee7e40dd1993d3faad9ac
SHA1

be412a8a21311fb634cc6f882965722d33e2a48b
SHA256

52bf5a628c36a31fe96387509b1660998cd12ddc42efdbd2a7a57e02fae81522
SHA512

168f846d3b082a4808218e8f2a14ba57c427a36ee04a5c89bc6cf916979bda4f93d9b96c4b8d33257eed4ea4fdf47cd583887376c937bf8c369a59dc74959c2b
SSDEEP

1536:UglNEjg8IT5SoJRjxeIvoUFaecg6f/WL/9DTSk:UIWU8YUoZeIvDQLg6GdT5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcb775f551fee7e40dd1993d3faad9ac_JaffaCakes118

Files

bcb775f551fee7e40dd1993d3faad9ac_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8c978d4583962bf829e17352e429b77a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??2@YAPAXI@Z
_except_handler3
free
_initterm
??3@YAXPAX@Z
_adjust_fdiv
malloc

kernel32

LeaveCriticalSection
TerminateProcess
EnterCriticalSection
SetLastError
lstrlenW
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
GetLastError
GetProcAddress
GetModuleHandleW
lstrcmpiW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
DeleteCriticalSection
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount

ole32

CoCreateInstance
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree

advapi32

RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW

winspool.drv

OpenPrinterW
ClosePrinter

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.p102
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0x9a9
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kalqo
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.88111
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9102
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1827
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.7382
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.81721
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ajdiw
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.09a
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.09a5
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.09a6
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.11524
Size: 512B - Virtual size: 158B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9a9s
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 266B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c978d4583962bf829e17352e429b77a

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

ole32

advapi32

winspool.drv

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 2KB

.p102 Size: 512B - Virtual size: 186B

.0x9a9 Size: 512B - Virtual size: 186B

.kalqo Size: 512B - Virtual size: 186B

.88111 Size: 512B - Virtual size: 186B

.9102 Size: 512B - Virtual size: 186B

.1827 Size: 512B - Virtual size: 186B

.7382 Size: 512B - Virtual size: 186B

.81721 Size: 198KB - Virtual size: 197KB

.ajdiw Size: 512B - Virtual size: 194B

.09a Size: 512B - Virtual size: 208B

.09a5 Size: 512B - Virtual size: 216B

.09a6 Size: 512B - Virtual size: 186B

.11524 Size: 512B - Virtual size: 158B

.9a9s Size: 198KB - Virtual size: 197KB

.rsrc Size: 17KB - Virtual size: 16KB

.reloc Size: 512B - Virtual size: 266B

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 2KB

.p102
Size: 512B - Virtual size: 186B

.0x9a9
Size: 512B - Virtual size: 186B

.kalqo
Size: 512B - Virtual size: 186B

.88111
Size: 512B - Virtual size: 186B

.9102
Size: 512B - Virtual size: 186B

.1827
Size: 512B - Virtual size: 186B

.7382
Size: 512B - Virtual size: 186B

.81721
Size: 198KB - Virtual size: 197KB

.ajdiw
Size: 512B - Virtual size: 194B

.09a
Size: 512B - Virtual size: 208B

.09a5
Size: 512B - Virtual size: 216B

.09a6
Size: 512B - Virtual size: 186B

.11524
Size: 512B - Virtual size: 158B

.9a9s
Size: 198KB - Virtual size: 197KB

.rsrc
Size: 17KB - Virtual size: 16KB

.reloc
Size: 512B - Virtual size: 266B