134113211cb6f46514fd774ad34fdc34_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

134113211cb6f46514fd774ad34fdc34_JaffaCakes118
Size

336KB
MD5

134113211cb6f46514fd774ad34fdc34
SHA1

5238da7a5705f818ee4a7851e0405f38b81702d0
SHA256

d97ac62cd0b65e0278db87a97ebf466fbbbf7b6748a246f61e68dbd07c141c35
SHA512

285c4996eca5d8e3f8b88778c2cd35fa7141c523bf024b09858553ef3490177ec075708d5980054bc38aba6640af235cae0faffcf164c5bde6598ab60597ac18
SSDEEP

6144:fB+XkDrJwgVcXyLkdZVEBSR33rnjiftFwFSl7rRd:fB4kDdwgIyLyDzR3il5l7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
134113211cb6f46514fd774ad34fdc34_JaffaCakes118

Files

134113211cb6f46514fd774ad34fdc34_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb6d0ede4b91da45a5b5f3b855b378e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteEnhMetaFile
DrawEscape
Arc
CreateSolidBrush
CancelDC
Escape
BitBlt
CloseMetaFile
CreateEllipticRgn
CopyEnhMetaFileA
GetAspectRatioFilterEx
GdiComment
AngleArc
ExtSelectClipRgn
AbortDoc

advapi32

RegSetValueExA
RegConnectRegistryA
RegSetValueA
RegCreateKeyA
RegEnumValueA
RegDeleteKeyA

kernel32

GetProfileStringA
GetProfileSectionA
WritePrivateProfileSectionA
GetPrivateProfileStringA
GetProcAddress
DeleteFileA
GetCurrentProcess
GetCurrentThreadId
GetVersion
GetCurrentProcessId
GetCommandLineA
GetTickCount
GetLastError
VirtualAlloc
CopyFileA
GetModuleHandleA
GetStartupInfoA

winspool.drv

EnumPrinterDataExA
StartDocPrinterA
AddFormA
DeletePrinterKeyA
AddPrinterConnectionA
DeletePrinterConnectionA
AddJobA
DeleteFormA
AddPrinterA
AdvancedDocumentPropertiesA
ClosePrinter
DeletePrinter

secur32

EncryptMessage
DecryptMessage
DeleteSecurityContext
AcceptSecurityContext
ExportSecurityContext
VerifySignature
ApplyControlToken
MakeSignature
FreeCredentialsHandle
CompleteAuthToken

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
exit
_XcptFilter
_acmdln
_exit
__getmainargs

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ope
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb6d0ede4b91da45a5b5f3b855b378e0

Headers

File Characteristics

Imports

gdi32

advapi32

kernel32

winspool.drv

secur32

msvcrt

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 313KB - Virtual size: 313KB

.data Size: 512B - Virtual size: 98KB

.ope Size: 2KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 313KB - Virtual size: 313KB

.data
Size: 512B - Virtual size: 98KB

.ope
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 5KB