fa343d063f3e37fb0f8fd689fa0101cc_JaffaCakes118

General

Target

fa343d063f3e37fb0f8fd689fa0101cc_JaffaCakes118
Size

136KB
MD5

fa343d063f3e37fb0f8fd689fa0101cc
SHA1

20d3be1d3f344c3fee882f0e3d01c409f8dc03be
SHA256

6162a33959f6a97c8c1d318d3ba661fdd017994ccd5bfd92cd228e6094bc9f77
SHA512

a0d4d0e96d8b30513f3e0aea87476da19c6a67fb7713726b717da8ca95d1270cebbc69e471e5f7a5e6c8d14ad92c2fea3ff1e2b97c7ae38c9bfcff392192e671
SSDEEP

3072:h8toyF3HTOXXXtEwstxjMZdZzgRVxyczfxaWkgl3w4q:GqyF3wntEYnlgRVxbfxaKnq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa343d063f3e37fb0f8fd689fa0101cc_JaffaCakes118

Files

fa343d063f3e37fb0f8fd689fa0101cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72e83f390215e3350ff76988234bea77

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCompact
GetLocalTime
CreateFileA
HeapFree
HeapAlloc
WriteConsoleW
LoadResource
FindResourceA
LCMapStringA
ReadFile
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
IsBadWritePtr
HeapReAlloc
VirtualAlloc
GetStringTypeW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetLastError
CloseHandle
WriteFile
TerminateProcess
GetCurrentProcess
SetFilePointer
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
MultiByteToWideChar
GetStringTypeA
LCMapStringW

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

ws2_32

send
recvfrom
ntohs
WSAAddressToStringA
WSAWaitForMultipleEvents
recv
htons
getservbyname
htonl

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72e83f390215e3350ff76988234bea77

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winspool.drv

ws2_32

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 48KB - Virtual size: 393KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 48KB - Virtual size: 393KB

.rsrc
Size: 16KB - Virtual size: 14KB