d5532514cb14d496a8cf286c02f5e29a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d5532514cb14d496a8cf286c02f5e29a_JaffaCakes118
Size

248KB
MD5

d5532514cb14d496a8cf286c02f5e29a
SHA1

42ab25f8ab48fe7b797521a38b3e6ed837567e26
SHA256

4fbb2fba8a7a722fefde6cfebd7d7a4484fbb77ba227fdf59ae28ef67099a888
SHA512

83dfeefd1e401a669a0293450da0ffcd57e417d06d39f7236029ac8430bd460663075c82e4eb47a086f15276f6e27aa91ee23ff585037171d2a98d28a09472b5
SSDEEP

6144:yG0w4rrdhvh9Bc/byJT5E17pn2Hhru9dLP/sBPA/m:yw4vRl07V+y9WhA/m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5532514cb14d496a8cf286c02f5e29a_JaffaCakes118

Files

d5532514cb14d496a8cf286c02f5e29a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f14388db1fdededc7bbb820347d9522

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
CreateFileW
LeaveCriticalSection
GetProcessHeap
EnterCriticalSection
FindResourceExW
LoadResource
HeapFree
HeapSize
UnhandledExceptionFilter
lstrcmpiA
GetCurrentThreadId
FreeLibrary
HeapReAlloc
LoadLibraryExW
GetLocalTime
SetUnhandledExceptionFilter
CloseHandle
LockResource
DeleteCriticalSection
ReadFile
LocalAlloc
LocalFree
RaiseException
HeapDestroy
GetStdHandle
GetSystemTimeAsFileTime
FormatMessageW
FindResourceW
GetFileSizeEx
SizeofResource
WriteFile
HeapAlloc
lstrcmpA
IsDebuggerPresent
SetFilePointerEx
VirtualAllocEx
GetModuleHandleA

advapi32

GetTraceEnableLevel
UnregisterTraceGuids
RegQueryValueExW
RegOpenKeyExW
GetTraceLoggerHandle
RegCloseKey
ControlTraceW
RegisterTraceGuidsW
TraceEvent
GetTraceEnableFlags

shlwapi

PathAddBackslashW
PathFileExistsW
PathStripPathW

winspool.drv

SetPrinterW
AdvancedSetupDialog
DeletePrinterConnectionW
PerfOpen
EXTDEVICEMODE
EnumPrinterDriversW
DevicePropertySheets
EnumFormsW
EnumPortsA
DeviceCapabilities
StartPagePrinter
DevQueryPrint

oledlg

OleUIObjectPropertiesA
OleUIChangeIconW
OleUIAddVerbMenuW

Sections

.QwfR
Size: 1KB - Virtual size: 37KB

IMAGE_SCN_MEM_READ

.EAeKTf
Size: 3KB - Virtual size: 13KB

IMAGE_SCN_MEM_READ

.ITOkSwi
Size: 3KB - Virtual size: 30KB

IMAGE_SCN_MEM_READ

.EeYFtGi
Size: 1024B - Virtual size: 29KB

IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pJUewT
Size: 1024B - Virtual size: 799B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Ywuy
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ipAxoYi
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.LVTVh
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yLDaz
Size: 1024B - Virtual size: 751B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sJDw
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aKRpo
Size: 1024B - Virtual size: 685B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XvvGFf
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f14388db1fdededc7bbb820347d9522

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shlwapi

winspool.drv

oledlg

Sections

.QwfR Size: 1KB - Virtual size: 37KB

.EAeKTf Size: 3KB - Virtual size: 13KB

.ITOkSwi Size: 3KB - Virtual size: 30KB

.EeYFtGi Size: 1024B - Virtual size: 29KB

.text Size: 16KB - Virtual size: 16KB

.pJUewT Size: 1024B - Virtual size: 799B

.Ywuy Size: 1KB - Virtual size: 1KB

.ipAxoYi Size: 3KB - Virtual size: 2KB

.LVTVh Size: 2KB - Virtual size: 2KB

.yLDaz Size: 1024B - Virtual size: 751B

.sJDw Size: 1024B - Virtual size: 584B

.data Size: 7KB - Virtual size: 113KB

.aKRpo Size: 1024B - Virtual size: 685B

.rdata Size: 207KB - Virtual size: 207KB

.XvvGFf Size: 1KB - Virtual size: 1KB

.rsrc Size: 17KB - Virtual size: 17KB

.QwfR
Size: 1KB - Virtual size: 37KB

.EAeKTf
Size: 3KB - Virtual size: 13KB

.ITOkSwi
Size: 3KB - Virtual size: 30KB

.EeYFtGi
Size: 1024B - Virtual size: 29KB

.text
Size: 16KB - Virtual size: 16KB

.pJUewT
Size: 1024B - Virtual size: 799B

.Ywuy
Size: 1KB - Virtual size: 1KB

.ipAxoYi
Size: 3KB - Virtual size: 2KB

.LVTVh
Size: 2KB - Virtual size: 2KB

.yLDaz
Size: 1024B - Virtual size: 751B

.sJDw
Size: 1024B - Virtual size: 584B

.data
Size: 7KB - Virtual size: 113KB

.aKRpo
Size: 1024B - Virtual size: 685B

.rdata
Size: 207KB - Virtual size: 207KB

.XvvGFf
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 17KB - Virtual size: 17KB