ce86ec218e4707a91e1aebcd24b7fd4d_JaffaCakes118

General

Target

ce86ec218e4707a91e1aebcd24b7fd4d_JaffaCakes118
Size

949KB
MD5

ce86ec218e4707a91e1aebcd24b7fd4d
SHA1

b4926c7354b8fe6b5c7ca0c8104be341abc56772
SHA256

92e58b2249343c1520d0420e530ca0cb55e0f0f116141605e7956a116e375c68
SHA512

ebbc02080492fd975d8aa19765c3240805083edd2fcff81f3f447de2d4c3e28a55140a7c550e5ac37d99205b0ef03802eabc9af321bf32cd125aa3515d99875d
SSDEEP

24576:V+eHbr+CfWktQBG5fZ9edke4hNEGGtChe1TJ:V7+gWNCBIL4hNQtChg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce86ec218e4707a91e1aebcd24b7fd4d_JaffaCakes118

Files

ce86ec218e4707a91e1aebcd24b7fd4d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

aaacc5fc172ce4255763c8b5829538bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

sensapi

IsNetworkAlive

gdi32

SetBkColor
SetTextColor
RestoreDC
GetObjectA
GetClipBox
GetWindowExtEx
SetMapMode
DeleteObject
PtVisible
CreateBitmap
RectVisible
TextOutA
SaveDC
GetViewportExtEx

tapi32

lineSetAgentState
lineAccept

shlwapi

PathIsUNCA
PathStripToRootA
PathFileExistsA
PathFindExtensionA
PathFindFileNameA

kernel32

GlobalDeleteAtom
GlobalFree
ReleaseMutex
CreateFileA
CreateFiber
GetCurrentThreadId
GetModuleFileNameW
GlobalAddAtomA
FreeResource
FormatMessageA
GlobalLock
GlobalUnlock
GetCurrentProcessId
lstrcmpW
CreateMutexA
MulDiv
SetLastError
HeapCreate
GlobalFindAtomA
SetUnhandledExceptionFilter
GlobalGetAtomNameA

comdlg32

GetFileTitleA

user32

ModifyMenuA
IsChild
SetWindowTextA
CallNextHookEx
CheckMenuItem
MoveWindow
GetCapture
SetWindowsHookExA
ShowWindow
SendDlgItemMessageA
SetMenuItemBitmaps
LoadBitmapA
IsDialogMessageA
EnableMenuItem
GetMenuCheckMarkDimensions

shell32

ShellExecuteA
ShellExecuteW

Sections

.text
Size: 623KB - Virtual size: 623KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 320KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aaacc5fc172ce4255763c8b5829538bb

Headers

File Characteristics

Imports

winspool.drv

sensapi

gdi32

tapi32

shlwapi

kernel32

comdlg32

user32

shell32

Sections

.text Size: 623KB - Virtual size: 623KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 320KB - Virtual size: 3.6MB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 623KB - Virtual size: 623KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 320KB - Virtual size: 3.6MB

.rsrc
Size: 2KB - Virtual size: 2KB