fc320fcbab0602542fc64049eb76de6a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc320fcbab0602542fc64049eb76de6a_JaffaCakes118
Size

171KB
MD5

fc320fcbab0602542fc64049eb76de6a
SHA1

ce81ea4ee07ed84bacb91c51690e62ac02e7d3a7
SHA256

cdb7d40a77ae17d15248b0a31a2ede4d24a48171ecefd1cdf1b5c3889a4773f3
SHA512

05624184868e94c53ec8015a8b8888e821e9e09bdfef7f8d1470de45d0520d4e0552fcf8f45d813126a7ccd2f4cfaba13fd11ed4f0d6b5630ccba1a8f9e72e92
SSDEEP

3072:JxBauMHBKHAbJwi2YISGTK4/EgLv7+humkXde8nevo4gVtHjGcHVZNS:JLaNH8HANZmZKCTT7+humWdfnyoVxjG/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc320fcbab0602542fc64049eb76de6a_JaffaCakes118

Files

fc320fcbab0602542fc64049eb76de6a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

efe8268a60686c4b1893b5347d50f7fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
QueryDosDeviceW
FoldStringW
GetSystemDefaultUILanguage
CallNamedPipeW
OutputDebugStringA
RegisterWaitForSingleObject
SetMailslotInfo
EnumResourceLanguagesA
LoadLibraryExA
GetCurrentThread
GetModuleHandleA

winspool.drv

OpenPrinterA

user32

SendDlgItemMessageW
SetDlgItemTextW
TileWindows
DestroyAcceleratorTable
SetActiveWindow
DefFrameProcA
LoadStringA
LoadAcceleratorsW
FindWindowW
GetClassNameW
TrackPopupMenuEx
GetParent

gdi32

GetFontData
SetSystemPaletteUse
CreateRectRgnIndirect
SetPaletteEntries
GetBrushOrgEx
SelectPalette
GetDIBits
CloseEnhMetaFile
PtInRegion
ExtEscape
GetTextCharsetInfo

msvcrt

_vsnprintf
memset
strcpy
strchr
ftell

Exports

Exports

_Ahwnybjn_vrglmks@16
_SByQyLlib_i@8
_FjlmukOm_ima@16
_AcgRCysp_sVtu@4

Sections

.icode
Size: - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vars
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.base
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.const
Size: 512B - Virtual size: 258B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efe8268a60686c4b1893b5347d50f7fc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winspool.drv

user32

gdi32

msvcrt

Exports

Exports

Sections

.icode Size: - Virtual size: 300KB

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 2KB - Virtual size: 2KB

.vars Size: 1024B - Virtual size: 1024B

.base Size: 1024B - Virtual size: 872B

.data Size: 1024B - Virtual size: 1KB

.const Size: 512B - Virtual size: 258B

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 111KB - Virtual size: 111KB

.reloc Size: 6KB - Virtual size: 5KB

.icode
Size: - Virtual size: 300KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 2KB - Virtual size: 2KB

.vars
Size: 1024B - Virtual size: 1024B

.base
Size: 1024B - Virtual size: 872B

.data
Size: 1024B - Virtual size: 1KB

.const
Size: 512B - Virtual size: 258B

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 111KB - Virtual size: 111KB

.reloc
Size: 6KB - Virtual size: 5KB