f978a3843645d963d9c0985faa37edbf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f978a3843645d963d9c0985faa37edbf_JaffaCakes118
Size

265KB
MD5

f978a3843645d963d9c0985faa37edbf
SHA1

556eaf2e068b10d0f150f5f25d60a944a1a302c9
SHA256

a1e1b78078510d8689c76b05f06b7032487c03cab8f423a26be3bf3510066f37
SHA512

ba4f631f5309c7fece9130bd5b7b1b811aa20dbb85cdc283dedb51c10620e27696f9d2701739e0d6d9f7bde79324a1d7723181606b6fda1b90758444656a40b8
SSDEEP

6144:rH4Tmfn8dMwBnVpV21WBMA41aZcCfZ34+rDLr:r6m85nXV21Wi1aZPh3ZH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f978a3843645d963d9c0985faa37edbf_JaffaCakes118

Files

f978a3843645d963d9c0985faa37edbf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6cb9cc5d8e2ecdb5ac363cb6a8f3c231

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoTaskMemFree
CoCreateGuid
IIDFromString
CoTaskMemRealloc
CoTaskMemAlloc

rpcrt4

UuidFromStringW
UuidCreate

kernel32

GetUserDefaultLangID
LockResource
FormatMessageW
SystemTimeToFileTime
OpenThread
lstrlenW
IsDebuggerPresent
GetCurrentThreadId
LocalFree
RaiseException
GetDriveTypeW
CloseHandle
SystemTimeToTzSpecificLocalTime
LeaveCriticalSection
EnterCriticalSection
GetFileSize
LoadResource
lstrlenA
SetUnhandledExceptionFilter
DeleteCriticalSection
CreateFileW
GetModuleHandleW
LocalAlloc
LoadLibraryExW
GetSystemTime
HeapReAlloc
SetLastError
ReadFile
FileTimeToSystemTime
FindResourceW
GetProcessHeap
GetNumberFormatW
SizeofResource
HeapFree
FindResourceExW
HeapSize
FreeLibrary
GetSystemTimeAsFileTime
OutputDebugStringW
GetTimeZoneInformation
HeapAlloc
UnhandledExceptionFilter
HeapDestroy
lstrcmpiW
GetCurrentDirectoryA
VirtualAllocEx

user32

GetForegroundWindow
GetSystemMetrics
GetActiveWindow
LoadStringW
SetCursor
GetTopWindow
GetDesktopWindow
SystemParametersInfoW
CharNextW
LoadCursorW

oleaut32

VarUI4FromStr
VariantClear

winspool.drv

SetPrinterA
XcvDataW
DeletePrinterKeyA
AddPrinterDriverA
AdvancedDocumentPropertiesW
SpoolerPrinterEvent
AddPrintProcessorW
EnumPrinterDriversA
DocumentPropertiesW
AddFormW
AddPrinterW
GetPrinterDriverDirectoryW

kbdur

KbdLayerDescriptor

Sections

.Rncx
Size: 1024B - Virtual size: 18KB

IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bmTUB
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.WySP
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rWIqOwD
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nrrW
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.EmBZyQ
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PtVR
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TlfSNwR
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.AEZK
Size: 1024B - Virtual size: 585B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cb9cc5d8e2ecdb5ac363cb6a8f3c231

Headers

DLL Characteristics

File Characteristics

Imports

ole32

rpcrt4

kernel32

user32

oleaut32

winspool.drv

kbdur

Sections

.Rncx Size: 1024B - Virtual size: 18KB

.text Size: 18KB - Virtual size: 18KB

.bmTUB Size: 1KB - Virtual size: 1KB

.WySP Size: 3KB - Virtual size: 2KB

.rWIqOwD Size: 1KB - Virtual size: 1KB

.nrrW Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 325KB

.rdata Size: 208KB - Virtual size: 207KB

.EmBZyQ Size: 3KB - Virtual size: 2KB

.PtVR Size: 2KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

.TlfSNwR Size: 2KB - Virtual size: 1KB

.AEZK Size: 1024B - Virtual size: 585B

.Rncx
Size: 1024B - Virtual size: 18KB

.text
Size: 18KB - Virtual size: 18KB

.bmTUB
Size: 1KB - Virtual size: 1KB

.WySP
Size: 3KB - Virtual size: 2KB

.rWIqOwD
Size: 1KB - Virtual size: 1KB

.nrrW
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 325KB

.rdata
Size: 208KB - Virtual size: 207KB

.EmBZyQ
Size: 3KB - Virtual size: 2KB

.PtVR
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB

.TlfSNwR
Size: 2KB - Virtual size: 1KB

.AEZK
Size: 1024B - Virtual size: 585B