c82a75cb0c36fb616a77cff5bb911b21_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c82a75cb0c36fb616a77cff5bb911b21_JaffaCakes118
Size

556KB
MD5

c82a75cb0c36fb616a77cff5bb911b21
SHA1

d34f9d8b4ee7e13877e773262390caf56e19881b
SHA256

ce1971ba183f7ac9b4d36bd17512ac6780289a36e2958b3b8ad3ad2a91892e02
SHA512

5c834b233d4b41d0348f10ca3163a7a783826b62e6af3bde7aa2266d6a200d1c2306837c89ebd38932d01452cde497e497db1cfd91c80424ed0052aa8121a618
SSDEEP

12288:lvsiYAhq444C1pAJVWe5UFR7b1acY/M1fSuNcNsH4LuF:lvCSqWaeVX5k7b1acCMZvKNsX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c82a75cb0c36fb616a77cff5bb911b21_JaffaCakes118

Files

c82a75cb0c36fb616a77cff5bb911b21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

89ff038781996ff0038dba31ddc5d196

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryW
FreeLibrary
GlobalFree
GetCommandLineW
GlobalAlloc
GetDiskFreeSpaceExW
lstrlenW
ReadFile
GetProcAddress
LoadLibraryW
lstrcpynW
CloseHandle
CreateFileW
TransactNamedPipe
CancelIo
GetOverlappedResult
WaitForSingleObject
ResetEvent
SetNamedPipeHandleState
Sleep
GetLastError
CreateEventW
SetEvent
CreateThread
lstrcpyW
LocalFree
LocalAlloc
MulDiv
lstrcmpW
GetProfileStringW
InterlockedExchange
InterlockedCompareExchange
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetVersion
GetFileAttributesW
GetUserDefaultUILanguage
ExpandEnvironmentStringsA
LoadLibraryA
GetSystemDefaultUILanguage
SetLastError
GetModuleFileNameW
IsBadWritePtr
WideCharToMultiByte
GetSystemWindowsDirectoryW
SetFileAttributesW
SetFilePointer

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW

winspool.drv

GetJobW
GetPrinterDriverW
OpenPrinterW
ClosePrinter
GetPrinterW
DeviceCapabilitiesW
DocumentPropertiesW
SetJobW

gdi32

SaveDC
TextOutW
RestoreDC
SetTextColor
SetTextAlign
CreatePen
DeleteObject
CreatePatternBrush
CreateHalftonePalette
FillRgn
SelectObject
GetStockObject
CreateSolidBrush
SetROP2
PatBlt
ExtSelectClipRgn
CombineRgn
CreateEllipticRgnIndirect
StretchDIBits
RectVisible
SetPixel
LineTo
SetBkMode
MoveToEx
GetTextExtentPoint32W
GetObjectW
SetMapMode
GetDeviceCaps
SelectPalette
RealizePalette
SetStretchBltMode
SetICMMode
SetWindowOrgEx
CreateRectRgn
OffsetRgn
SetBrushOrgEx
SelectClipRgn

comctl32

ord17
CreateToolbarEx
CreateStatusWindowW

shell32

SHGetFolderPathW

Sections

.text
Size: 522KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.abss
Size: - Virtual size: 840KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdat
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89ff038781996ff0038dba31ddc5d196

Headers

File Characteristics

Imports

kernel32

advapi32

winspool.drv

gdi32

comctl32

shell32

Sections

.text Size: 522KB - Virtual size: 808KB

.abss Size: - Virtual size: 840KB

.data Size: 8KB - Virtual size: 8KB

.rdat Size: 8KB - Virtual size: 8KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 264B

.text
Size: 522KB - Virtual size: 808KB

.abss
Size: - Virtual size: 840KB

.data
Size: 8KB - Virtual size: 8KB

.rdat
Size: 8KB - Virtual size: 8KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 264B