3c45095bdcb30e3babeae1100e0d1ff7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c45095bdcb30e3babeae1100e0d1ff7_JaffaCakes118
Size

328KB
MD5

3c45095bdcb30e3babeae1100e0d1ff7
SHA1

9b13d963d39bd1da6c621f67e14cef8ba3c3340d
SHA256

61c638678ee0a6f7a4d9c09808dcc04c67a515cb23e94a0510ab7d1f950bc948
SHA512

8603a04dbc3a1a8790577a6522f6cb0bb010438fd1d53617a10263dc2af96888e080acfec2f63dd13c2713f420ccb3894b8e7c82ac57dd7e5816034ef66b3ee9
SSDEEP

6144:ASjdgSZEufDF/XRRgoGTZGyOPGa7yHmVDv5FVUDpQgDnb3wxw32gqF6:ASjdHZ3DFZRgoGqGqNFPVcQgvwG326

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c45095bdcb30e3babeae1100e0d1ff7_JaffaCakes118

Files

3c45095bdcb30e3babeae1100e0d1ff7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e9dbe8ee474f435a8dec94ec4ebcd9f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxParamA
GetClipboardData
EndDeferWindowPos
GetWindowRect
IsZoomed
MessageBoxExA
EndDialog
CreateWindowExA
GetDesktopWindow
ShowWindowAsync
ChildWindowFromPointEx
FindWindowA
SetWindowPos
GetWindowTextA
CreateDialogIndirectParamA

gdi32

CreateFontW
CopyMetaFileA
Ellipse
DeleteEnhMetaFile
CreateCompatibleDC
FrameRgn
GetBkMode
EqualRgn
GdiGetBatchLimit
CreateDiscardableBitmap
GetBitmapDimensionEx
AngleArc
CloseEnhMetaFile
CreateCompatibleBitmap

advapi32

RegOpenKeyExA
RegNotifyChangeKeyValue
AccessCheck
RegEnumValueA
RegCreateKeyExA
OpenEventLogW
ClearEventLogW
GetTokenInformation

kernel32

GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
GetStringTypeW
GetSystemDefaultLangID
OpenEventA
IsBadWritePtr
HeapCreate
VirtualAlloc
GetDateFormatA
MultiByteToWideChar
GetNumberFormatA
LocalSize
IsBadCodePtr
CreateSemaphoreA
GlobalLock
OpenSemaphoreA
GetStringTypeA
GetPrivateProfileStructA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetEnvironmentVariableA
VirtualAllocEx
LCMapStringW
LCMapStringA
LoadLibraryA
HeapReAlloc
GetFileType
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
EnterCriticalSection

winspool.drv

DeletePrinter
AddPrinterDriverW
DeletePrinterConnectionA
SetPrinterW
AddPrinterDriverExW
AddPrinterConnectionA
AddPrinterDriverExA
SetJobA
EnumPrintersW
GetPrinterA

netapi32

NetServerTransportEnum
NetGetDCName
NetErrorLogClear
Netbios
NetGetJoinableOUs
NetErrorLogWrite
NetConfigGet
NetAuditRead
NetGroupAdd
NetGroupAddUser
NetFileClose
NetErrorLogRead
NetGetJoinInformation

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wrix
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9dbe8ee474f435a8dec94ec4ebcd9f0

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

winspool.drv

netapi32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 83KB

.wrix Size: 324KB - Virtual size: 324KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 83KB

.wrix
Size: 324KB - Virtual size: 324KB

.rsrc
Size: 4KB - Virtual size: 4KB