08893133817986993beaee4af3160ec1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

08893133817986993beaee4af3160ec1_JaffaCakes118
Size

297KB
MD5

08893133817986993beaee4af3160ec1
SHA1

a846f823e9bb9356c0da9e6682d681d24215832b
SHA256

cc64e6236ec9aba3f2ee83aa1c2e1e7edfcc37d901314a9941f4738c0b2f1787
SHA512

9f76bedc625522da3cc3fa530b5e87330c3dd66450d2095ebe6620b31795e93e231454b94c53ea4a235657a92deb2c7ef80332be6c9c4d1b980cae15b41b563d
SSDEEP

6144:dfLGdcwgsczmAAUtOcZ1B+9bGdAOzJS534q3TKSV3xSA2IlGfDuNN1BqT:dfLGdzczmAAMZ1o9b/1d3TKSBdZlGfSE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08893133817986993beaee4af3160ec1_JaffaCakes118

Files

08893133817986993beaee4af3160ec1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

34d8eb6ede810ff07a46ad8bf7228e82

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
LCMapStringW
GetStringTypeW
HeapFree
HeapQueryInformation
FlushFileBuffers
CloseHandle
IsProcessorFeaturePresent
RtlUnwind
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
MultiByteToWideChar
CompareStringW
SetEnvironmentVariableA
HeapSize
SetFilePointer
HeapCreate
GetLastError
GetTickCount
GetCurrentProcess
HeapReAlloc
HeapAlloc
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
DecodePointer
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
GetModuleFileNameW
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
WideCharToMultiByte
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetFileType
WriteFile
GetConsoleCP
GetConsoleMode
HeapValidate
IsBadReadPtr
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsFree
GetProcAddress
GetModuleHandleW
SetLastError
GetStdHandle
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
ExitProcess
LoadLibraryW
RaiseException
QueryPerformanceCounter
GetCurrentProcessId
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount

user32

DestroyWindow
GetMessageA
SetCapture
GetClientRect
TranslateMessage
LoadAcceleratorsA
DispatchMessageA
CloseWindow
LoadCursorA
DialogBoxParamA
GetScrollPos

winspool.drv

ClosePrinter

comdlg32

PrintDlgA

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34d8eb6ede810ff07a46ad8bf7228e82

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

winspool.drv

comdlg32

Sections

.text Size: 119KB - Virtual size: 118KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 138KB - Virtual size: 146KB

.rsrc Size: 512B - Virtual size: 436B

.text
Size: 119KB - Virtual size: 118KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 138KB - Virtual size: 146KB

.rsrc
Size: 512B - Virtual size: 436B