d0208555ea4370eda4fa726ee29b41d2_JaffaCakes118

General

Target

d0208555ea4370eda4fa726ee29b41d2_JaffaCakes118
Size

80KB
MD5

d0208555ea4370eda4fa726ee29b41d2
SHA1

9910a028724ce7a01bb0f85d79f46721961b717f
SHA256

75ceef29c2ad51b413a5de4006bb227615451127860e6169e40f4f5510edf3ba
SHA512

8b55b674d2491f5872e39137a17e16e691decf78682c3a38e228b1069c9887fadf2c072039c0ec77d2394b07d216c60b2523a87058314c28e441a80b3eaded13
SSDEEP

1536:DmUDDUNi/g4e/gV7hWkdue8we8cndRdr4TVX8hcPc+uFmt1xV:CRymfkAe3OdRdUT9i4cnFmtnV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0208555ea4370eda4fa726ee29b41d2_JaffaCakes118

Files

d0208555ea4370eda4fa726ee29b41d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ea2b2a7a74aa1335842ce38468c0f91

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetCurrentProcess
LoadLibraryA
SetFileAttributesA
GetFileAttributesA
GetTickCount
WriteConsoleA
LocalAlloc
GetStringTypeA
GetModuleFileNameA
WriteFile
RtlUnwind
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameW
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
MultiByteToWideChar
ExitProcess
TerminateProcess
HeapAlloc
HeapFree
WideCharToMultiByte
GetModuleHandleA
GetStartupInfoW
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetProcAddress
GetStringTypeW

winspool.drv

DocumentPropertiesW
ClosePrinter
EnumPrintersA
OpenPrinterW

wininet

InternetCloseHandle
HttpOpenRequestW
InternetConnectW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetStatusCallbackW
HttpQueryInfoW
InternetQueryDataAvailable
InternetSetOptionExW
InternetCanonicalizeUrlW
InternetOpenUrlW
InternetOpenW

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ea2b2a7a74aa1335842ce38468c0f91

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winspool.drv

wininet

Sections

.text Size: 60KB - Virtual size: 58KB

.data Size: 8KB - Virtual size: 1.3MB

.tls Size: 4KB - Virtual size: 44B

.rsrc Size: 4KB - Virtual size: 792B

.text
Size: 60KB - Virtual size: 58KB

.data
Size: 8KB - Virtual size: 1.3MB

.tls
Size: 4KB - Virtual size: 44B

.rsrc
Size: 4KB - Virtual size: 792B