eca9239739dced27d1ddc9e1dc98a252_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eca9239739dced27d1ddc9e1dc98a252_JaffaCakes118
Size

152KB
MD5

eca9239739dced27d1ddc9e1dc98a252
SHA1

0c1b759045839ac8f768e04f2c90ec9fd7f2196c
SHA256

2863a051a679a1a1880d4270c27dc5a01cc475be59545ad69efb99ad6fa1cf5c
SHA512

4283793fbf86f5ece86e3350e7072e90fc1a292a2ef272b0e3c24b8ec47b65fcfdad8fa89069ac0389990a0d6b40fe20b8095ea4f9ba7fd4247f916f962d4f51
SSDEEP

1536:867Ojy88OcfgkOpeKtbSyVwr/Jpsi/RA3ffm15FK/HO5Se8MNf0A1E6im1O8P5lf:8xyrf3SbSyODJpx/Ro3mls0Trx0O3f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eca9239739dced27d1ddc9e1dc98a252_JaffaCakes118

Files

eca9239739dced27d1ddc9e1dc98a252_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9ef7953ced603bcb9da36a22ccfa7ece

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

FindClosePrinterChangeNotification

gdi32

GetColorAdjustment
GetTextExtentPointA

kernel32

GetSystemDirectoryW
GetProcessVersion
GetCurrentDirectoryW
IsValidLanguageGroup
DebugBreak
DeleteTimerQueueEx
GlobalAlloc
GetProcessAffinityMask
VirtualQueryEx
GetNamedPipeClientComputerNameW
GetModuleHandleA
SetThreadPriority
GetCurrentThread
GetTickCount
ExitThread
FlushProcessWriteBuffers
GetNamedPipeClientProcessId
GetPriorityClass

msvcrt

_time64

lz32

LZInit

advapi32

GetFileSecurityW

user32

DrawMenuBar
DestroyCursor
GetWindowTextLengthA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

VOix7QXv
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt0
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zZ5j9
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ef7953ced603bcb9da36a22ccfa7ece

Headers

DLL Characteristics

File Characteristics

Imports

winspool.drv

gdi32

kernel32

msvcrt

lz32

advapi32

user32

Sections

.text Size: 32KB - Virtual size: 31KB

.data Size: 8KB - Virtual size: 11KB

.text Size: 4KB - Virtual size: 1KB

VOix7QXv Size: 32KB - Virtual size: 30KB

.code Size: 16KB - Virtual size: 14KB

.crt0 Size: 36KB - Virtual size: 35KB

zZ5j9 Size: 16KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 912B

.text
Size: 32KB - Virtual size: 31KB

.data
Size: 8KB - Virtual size: 11KB

.text
Size: 4KB - Virtual size: 1KB

VOix7QXv
Size: 32KB - Virtual size: 30KB

.code
Size: 16KB - Virtual size: 14KB

.crt0
Size: 36KB - Virtual size: 35KB

zZ5j9
Size: 16KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 912B