4d1ee1820db0a666c3a8a968f03356ac_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4d1ee1820db0a666c3a8a968f03356ac_JaffaCakes118
Size

160KB
MD5

4d1ee1820db0a666c3a8a968f03356ac
SHA1

b33a0b5d60adf627c26d272500be4dd9f332c077
SHA256

1bc3e0dfd89e9ebeaff067a7ce76a0632adb3ad322d993df799fc176d41b7160
SHA512

184691c8cee8870793aa2c8676065d5eac5945e82d82499a76c09e249ee58c36b202ddf067424348d884c2d68979b8befe053bd210150cff4bb65504ff62af04
SSDEEP

3072:rK9SxMk4l3K1yPrJqsIqja1Z0bSscaXF:u9SxliVTYsIqm30bQa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d1ee1820db0a666c3a8a968f03356ac_JaffaCakes118

Files

4d1ee1820db0a666c3a8a968f03356ac_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a8e4e2a1860c14f7fdaa127c9d487561

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

sNQ.pdb

Imports

winspool.drv

GetPrinterDataW

msvcrt

fputs
rand

shlwapi

StrRChrW

gdi32

OffsetRgn
SetLayout
CloseMetaFile
SetMetaRgn

user32

DrawEdge
DdeGetLastError
AnimateWindow
GetMenuState
GetSysColor
AddClipboardFormatListener
DestroyAcceleratorTable
GetLastInputInfo
GetComboBoxInfo
SendMessageCallbackW
SetWindowsHookExW
IsDlgButtonChecked
ReplyMessage
TranslateMessage
ChildWindowFromPoint

mscms

InstallColorProfileW

urlmon

MkParseDisplayNameEx
CoInternetQueryInfo

kernel32

GetThreadPriority
GetCommandLineA
ApplicationRecoveryInProgress
GetSystemInfo
GetProcessIoCounters
AllocConsole
GetConsoleProcessList
GetSystemDefaultLCID
LocalFileTimeToFileTime
NotifyUILanguageChange

ole32

CoCreateInstance
HBITMAP_UserMarshal
CoRevokeMallocSpy

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CONST
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Data
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8e4e2a1860c14f7fdaa127c9d487561

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winspool.drv

msvcrt

shlwapi

gdi32

user32

mscms

urlmon

kernel32

ole32

Sections

.text Size: 12KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 7KB

DATA Size: 40KB - Virtual size: 38KB

CONST Size: 28KB - Virtual size: 25KB

Data Size: 60KB - Virtual size: 59KB

.rsrc Size: 4KB - Virtual size: 1016B

.reloc Size: 4KB - Virtual size: 336B

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 7KB

DATA
Size: 40KB - Virtual size: 38KB

CONST
Size: 28KB - Virtual size: 25KB

Data
Size: 60KB - Virtual size: 59KB

.rsrc
Size: 4KB - Virtual size: 1016B

.reloc
Size: 4KB - Virtual size: 336B