11e0ee3b9b901956f3597dd98717ac88_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

11e0ee3b9b901956f3597dd98717ac88_JaffaCakes118
Size

254KB
MD5

11e0ee3b9b901956f3597dd98717ac88
SHA1

27d05ae7f7a8ce2b494b55db92f23eb4cc0fb019
SHA256

ce2e5e67d58cbb80fda6656bedd4d8086895c57acc762c06a6592773093d77c5
SHA512

d22b449f76d09581afe7bc71e85934d1318cff7420f04e74d916ce55de1178370c487d4b2e8a52bfe1e2376c0045a59e103ead04b5f8856680f6f6a24fa7d265
SSDEEP

6144:jhPsyTPNN+cTJejUZpZGqIaFVQ8H/WQzrAkwqULHPsOF:jdd+alIqbgOrKqYHPZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11e0ee3b9b901956f3597dd98717ac88_JaffaCakes118

Files

11e0ee3b9b901956f3597dd98717ac88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fabb39bdf693de3f3ad49a80eb27d9f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
gethostname
getservbyport
htonl
htons
WSAStartup
gethostbyaddr

kernel32

FreeLibrary
FileTimeToSystemTime
LoadResource
FindResourceA
lstrlenA
GetWindowsDirectoryA
WaitForSingleObject
GetModuleHandleA
OpenEventA
GetCurrentDirectoryA
GetVolumeInformationA
GetDiskFreeSpaceA
SetErrorMode
lstrcpyA
GetSystemDirectoryA
GetProcessHeap
GetSystemInfo
SetCurrentDirectoryA
CopyFileA
GetTempPathA
GetSystemTime
GetThreadLocale
GetCurrentThreadId
SetUnhandledExceptionFilter
CreateEventA
GetACP
IsDebuggerPresent
lstrcmpW
GetProcAddress

user32

wsprintfA

winspool.drv

GetPrinterDriverA
ClosePrinter
EnumPrintersA
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegEnumKeyA
RegQueryInfoKeyA
RegOpenKeyA
RegEnumValueA
CloseServiceHandle
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
RegCreateKeyA
AdjustTokenPrivileges
RegCloseKey

ole32

CoUninitialize
CoCreateInstance
CoInitialize

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

samlib

SamOpenUser
SamCloseHandle
SamSetMemberAttributesOfGroup
SamSetInformationAlias
SamLookupIdsInDomain
SamiSetDSRMPassword

rsaenh

CPDuplicateKey
DllUnregisterServer

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cZjtO
Size: 512B - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FQ
Size: 4KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.u
Size: 512B - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jVcda
Size: 3KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ILv
Size: 98KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SPSeQ
Size: 4KB - Virtual size: 887KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.n
Size: 113KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fabb39bdf693de3f3ad49a80eb27d9f7

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

winspool.drv

advapi32

ole32

version

samlib

rsaenh

Sections

.text Size: 16KB - Virtual size: 15KB

.cZjtO Size: 512B - Virtual size: 62KB

.FQ Size: 4KB - Virtual size: 456KB

.u Size: 512B - Virtual size: 22KB

.rdata Size: 2KB - Virtual size: 19KB

.jVcda Size: 3KB - Virtual size: 222KB

.ILv Size: 98KB - Virtual size: 112KB

.SPSeQ Size: 4KB - Virtual size: 887KB

.data Size: 6KB - Virtual size: 142KB

.n Size: 113KB - Virtual size: 152KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 16KB - Virtual size: 15KB

.cZjtO
Size: 512B - Virtual size: 62KB

.FQ
Size: 4KB - Virtual size: 456KB

.u
Size: 512B - Virtual size: 22KB

.rdata
Size: 2KB - Virtual size: 19KB

.jVcda
Size: 3KB - Virtual size: 222KB

.ILv
Size: 98KB - Virtual size: 112KB

.SPSeQ
Size: 4KB - Virtual size: 887KB

.data
Size: 6KB - Virtual size: 142KB

.n
Size: 113KB - Virtual size: 152KB

.rsrc
Size: 3KB - Virtual size: 3KB