e8093b46dddc0bcba074968e5a6b33c5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e8093b46dddc0bcba074968e5a6b33c5_JaffaCakes118
Size

172KB
MD5

e8093b46dddc0bcba074968e5a6b33c5
SHA1

934dbc167f20e6f592b193db0f2532aecbdd1004
SHA256

3cb2a63bfeab8a67731332b7f61675aa13344d26445e8df2932fcc790d0f314b
SHA512

d6171bd08aae1e7b967da1c5ea0aa321ead3d26910bcfc089df4f8191892ef76a9f609cbf9896e3ed79803b7870febe723bb1582dcc45a2c1b1007b6db8c2ac3
SSDEEP

3072:MNWW+DLaq5zn1w6+/Mdpt2l2Ha8YExPeOWL9YpW8Q4LGWF9wh7hN6cK9XGWDoIkR:MNfMLaUeYd4268YEWOWBYg+gthN6cK9g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8093b46dddc0bcba074968e5a6b33c5_JaffaCakes118

Files

e8093b46dddc0bcba074968e5a6b33c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

62c18786e5c2673a56d72ca0eb3ffaad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winspool.drv

DocumentPropertiesW

kernel32

CreateFileMappingW
IsProcessorFeaturePresent
WritePrivateProfileSectionW
GetLocaleInfoA
MulDiv
SetLastError
HeapDestroy
lstrcpynW
GetConsoleOutputCP
LocalAlloc
FlushInstructionCache
Sleep
WriteConsoleA
TlsFree
GetTickCount
CheckRemoteDebuggerPresent
LoadResource
LCMapStringA
GetConsoleCP
GetConsoleMode
GetThreadLocale
GetCPInfo
RaiseException
FindResourceW
TlsSetValue
GetStringTypeA
WaitForSingleObject
LeaveCriticalSection
GetDriveTypeW
GetStartupInfoA
GetVersion
IsDebuggerPresent
InterlockedCompareExchange
EnumResourceTypesW
GetSystemTimeAsFileTime
LockResource
SetUnhandledExceptionFilter
TlsGetValue
TlsAlloc
InterlockedExchange
GetOEMCP
FlushFileBuffers
QueryPerformanceCounter
InitializeCriticalSection
HeapSize
CreateSemaphoreW
GetCurrentProcess
VirtualAlloc
CopyFileW
WideCharToMultiByte
GetACP
HeapCreate
LoadLibraryA
SetFilePointer
CreateFileA
GetCurrentThreadId
SetStdHandle
WriteConsoleW
lstrcmpA
GetCurrentProcessId
lstrlenA
SizeofResource
LCMapStringW
LocalFree
GetStringTypeW
VirtualFree
GetFileType

user32

GetWindowTextLengthW
GetAncestor
DispatchMessageW
LoadCursorW
CreateWindowExW
GetWindowRect
GetClientRect
GetDC
SetCapture
SetWindowPos
GetClassInfoExW
EndPaint
TranslateMessage
MapWindowPoints
SetDlgItemTextW
PeekMessageW
GetWindowInfo
MessageBoxW
BeginPaint
DestroyWindow
GetWindow
SystemParametersInfoW
GetDlgItemTextW
GetParent
RegisterClassExW
SetWindowTextW
EndDialog

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62c18786e5c2673a56d72ca0eb3ffaad

Headers

File Characteristics

Imports

winspool.drv

kernel32

user32

Sections

.text Size: 117KB - Virtual size: 117KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 50KB - Virtual size: 50KB

.isete Size: 1024B - Virtual size: 244KB

.text
Size: 117KB - Virtual size: 117KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 50KB - Virtual size: 50KB

.isete
Size: 1024B - Virtual size: 244KB