37f08c2d359d40681122a1ddaad99eac_JaffaCakes118

General

Target

37f08c2d359d40681122a1ddaad99eac_JaffaCakes118
Size

196KB
MD5

37f08c2d359d40681122a1ddaad99eac
SHA1

7906467d6612e85d4f4f1c1f6e604a5993118859
SHA256

aebc267f6dad9b322703d639fd5730fc0555c7f448a8bd003b92431da4e3b060
SHA512

56fc66ee8806976f39e04a2596a35019ba6b37d8c036e35894e33f96d70cfaa5a01955e2c055489f42f31d8050a5e94a961511092eff9d7bcc54cb55c0d0b701
SSDEEP

3072:QJL1z4UtJ9aInM2SNjhjUO6CgjWPh3Mh+LxWbBBGuoP9AsRvLHmgjyekeNtxvn:A+Uj9aInIjhjU1Ch3V0iz9DLH0b+f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37f08c2d359d40681122a1ddaad99eac_JaffaCakes118

Files

37f08c2d359d40681122a1ddaad99eac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5930473aaa73f267d43c89bdb834860b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
FindNextFileW
GetCommandLineA
FindClose
FindFirstFileW
CreateDirectoryW
DeleteFileW
ResetEvent
VirtualFree
VirtualAlloc
SystemTimeToFileTime
GetLocalTime
GetProfileStringW
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
SetEndOfFile
LoadLibraryA
CreateFileA
FlushFileBuffers
SetStdHandle
GetTimeZoneInformation
GetSystemTime
GetModuleHandleA
GetStartupInfoW
GetVersion
ExitProcess
HeapFree
GetLastError
CloseHandle
ReadFile
TerminateProcess
GetCurrentProcess
SetFilePointer
GetProcAddress
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
RtlUnwind
WriteFile
GetModuleFileNameA
GetStringTypeA
GetStringTypeW
WideCharToMultiByte
HeapAlloc
HeapReAlloc
IsBadWritePtr
SetEnvironmentVariableA

winspool.drv

DocumentPropertiesW
ClosePrinter
EnumPrintersA
OpenPrinterW

shlwapi

StrCmpW
SHDeleteKeyW
SHRegCloseUSKey
SHRegCreateUSKeyW
SHRegWriteUSValueW
StrToIntW

Sections

.text
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5930473aaa73f267d43c89bdb834860b

Headers

File Characteristics

Imports

kernel32

winspool.drv

shlwapi

Sections

.text Size: 180KB - Virtual size: 177KB

.data Size: 8KB - Virtual size: 91KB

.rsrc Size: 4KB - Virtual size: 784B

.text
Size: 180KB - Virtual size: 177KB

.data
Size: 8KB - Virtual size: 91KB

.rsrc
Size: 4KB - Virtual size: 784B