15df59853b5bafefa6e814ffbb5fe0e1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15df59853b5bafefa6e814ffbb5fe0e1_JaffaCakes118
Size

171KB
MD5

15df59853b5bafefa6e814ffbb5fe0e1
SHA1

caee4194432074c891c6a23c1245101369b32d85
SHA256

63fb51baafbcf968684157e952eff7acc1346d768c030eec4ca0abda100d2d94
SHA512

7b63fe57f61c430c9d214bad79bb0aec1028c08dd4dea5237044349f9beae943046c3c482f827033996e4fe3b94bd91e4fe7811aee44868ff74c37daa7e51c6a
SSDEEP

3072:yDCbocLUK7c37EFp2UYAqTe7Yf9j0tPyGpDGKfoWcJO50uvQq+MS:Xb/Fp2UdKik9j0RcKfY00uvQq+M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15df59853b5bafefa6e814ffbb5fe0e1_JaffaCakes118

Files

15df59853b5bafefa6e814ffbb5fe0e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f8f87de5dc058fb85fd3f295a33e8de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalAlloc
GetCPInfo
HeapCreate
WaitForSingleObject
lstrcpynW
MulDiv
FlushFileBuffers
SetStdHandle
FindResourceW
TlsGetValue
GetStringTypeW
RaiseException
GetThreadLocale
GetCurrentProcess
GetLocaleInfoA
CheckRemoteDebuggerPresent
VirtualFree
LoadResource
IsProcessorFeaturePresent
lstrcmpA
TlsFree
GetDriveTypeW
GetStringTypeA
CreateSemaphoreW
GetStartupInfoA
LeaveCriticalSection
SizeofResource
TlsSetValue
WritePrivateProfileSectionW
EnumResourceTypesW
VirtualAlloc
WriteConsoleW
GetVersion
WriteConsoleA
LCMapStringW
GetConsoleMode
LockResource
lstrlenA
QueryPerformanceCounter
InterlockedExchange
GetCurrentThreadId
CreateFileA
WideCharToMultiByte
Sleep
LocalFree
TlsAlloc
GetCurrentProcessId
GetConsoleCP
InitializeCriticalSection
InterlockedCompareExchange
CopyFileW
LoadLibraryA
HeapDestroy
SetFilePointer
GetTickCount
GetSystemTimeAsFileTime
CreateFileMappingW
HeapSize
GetACP
GetOEMCP
IsDebuggerPresent
GetConsoleOutputCP
SetUnhandledExceptionFilter
SetLastError
FlushInstructionCache
LCMapStringA
GetFileType

user32

DestroyWindow
PeekMessageW
RegisterClassExW
DispatchMessageW
GetWindowInfo
GetClassInfoExW
GetWindow
TranslateMessage
EndPaint
LoadCursorW
GetAncestor
GetClientRect
SetCapture
GetDlgItemTextW
GetWindowRect
GetParent
SetWindowTextW
CreateWindowExW
SystemParametersInfoW
GetWindowTextLengthW
MessageBoxW
SetDlgItemTextW
BeginPaint
GetDC
MapWindowPoints
SetWindowPos
EndDialog

winspool.drv

DocumentPropertiesW

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f8f87de5dc058fb85fd3f295a33e8de

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 55KB - Virtual size: 54KB

.isete Size: 1024B - Virtual size: 76KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 55KB - Virtual size: 54KB

.isete
Size: 1024B - Virtual size: 76KB