01590ef339e8b7301638b0e4e4972fe7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01590ef339e8b7301638b0e4e4972fe7_JaffaCakes118
Size

467KB
MD5

01590ef339e8b7301638b0e4e4972fe7
SHA1

8b7fa1bdaa758a414c8e033fd840d7fd5f09231d
SHA256

9df6a1f3eef45d15f9a3c587b3fa0ef02c25b40da8c8c87293e5c442c991fd6c
SHA512

9aff9b6eefc3f7752f6021ebcdc5afdf36dd7ac77c4a745088e84797ce59625426b4b906b2cce4b1a82f9f3fed278c3dc71c7298c506d751b01d5d76b5ae0864
SSDEEP

12288:qyvOxMjO1v4AkA6xpcfSy7bbFd3rHbBm2s28wfUV:T5O1Bw6PX2wfC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01590ef339e8b7301638b0e4e4972fe7_JaffaCakes118

Files

01590ef339e8b7301638b0e4e4972fe7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e9d437508102517c8e84cf35a270016d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
LockResource
CloseHandle
InitializeCriticalSectionAndSpinCount
CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
LCMapStringW
CreateConsoleScreenBuffer
InterlockedDecrement
HeapReAlloc
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
GlobalUnlock
HeapCreate
WriteConsoleOutputA
SizeofResource
Sleep
LoadLibraryW
GlobalAlloc
ReadConsoleOutputA
GlobalLock
SetConsoleActiveScreenBuffer
GetCurrentProcess
GetModuleFileNameA
GetModuleFileNameW
HeapAlloc
LoadResource
FindResourceA
WriteFile
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetLocaleInfoW
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetUserDefaultLCID
GetCPInfo
IsValidCodePage
GetOEMCP
GetACP
GetLastError
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
LocalFree
EncodePointer
DecodePointer
InterlockedIncrement
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
HeapFree
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapSize
GetProcAddress
GetModuleHandleW
ExitProcess
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection

user32

BeginPaint
LoadCursorA
FindWindowA
UpdateWindow
IsWindowVisible
ShowWindow
EndPaint
PostQuitMessage
FillRect
GetParent
DefWindowProcA
SetFocus
SendMessageA
LoadIconA
GetDC
GetCapture
GetForegroundWindow
SetRect
InvalidateRect
CreateWindowExA
ReleaseDC

gdi32

LineTo
SetTextColor
GetDeviceCaps
GdiFlush
SetBkMode
DeleteObject
SelectObject
CreatePen
GetTextMetricsA
CreateSolidBrush
TextOutA
MoveToEx

winspool.drv

ClosePrinter

ole32

CoCreateInstance
CoSetProxyBlanket
CoUninitialize
CreateStreamOnHGlobal
CoInitializeEx

oleaut32

SysFreeString
VariantChangeType
VariantInit
VariantClear
SysAllocString

opengl32

glVertex3f
glBegin
glNormal3f
glClear
glEnd

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 229KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9d437508102517c8e84cf35a270016d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

ole32

oleaut32

opengl32

Sections

.text Size: 109KB - Virtual size: 109KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 229KB - Virtual size: 271KB

.rsrc Size: 110KB - Virtual size: 109KB

.text
Size: 109KB - Virtual size: 109KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 229KB - Virtual size: 271KB

.rsrc
Size: 110KB - Virtual size: 109KB