JaffaCakes118_bfa1d50fedad974a4199e5c01655bdb2

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_bfa1d50fedad974a4199e5c01655bdb2
Size

166KB
MD5

bfa1d50fedad974a4199e5c01655bdb2
SHA1

c4cdf26f8110647a680e520087ca3d4339deb2ab
SHA256

658271b9a7fa19820f64a1ca3c4d19a38cd368ae4d59aae8329f737b1cfc650c
SHA512

c0afdddd6ac98c64c0e037c29ecee95e4f0362305dcafd66e53c2ddb31a67d7e150622c7923b81be019958f5317ac21ed5289fc6e603569fb3d0d97e74472229
SSDEEP

3072:b5aUwUmJPCJIeGTvJTNdBadhGdDpWU+Jzu7bzKtQ4T/ffJTkTeM43D5c:b5SUmJPEI1vTdYhSUhzuM/ffRkTeMmDS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_bfa1d50fedad974a4199e5c01655bdb2

Files

JaffaCakes118_bfa1d50fedad974a4199e5c01655bdb2
.exe windows:4 windows x86 arch:x86

616f5c3184bf2219feeed6af68935bf1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpynW
SetLastError
GetOEMCP
GetCPInfo
SetFilePointer
CreateSemaphoreW
LeaveCriticalSection
WriteConsoleA
LocalFree
GetACP
GetConsoleCP
GetCurrentProcessId
WaitForSingleObject
GetTickCount
FindResourceW
MulDiv
GetConsoleOutputCP
LCMapStringA
CheckRemoteDebuggerPresent
RaiseException
GetThreadLocale
GetCurrentThreadId
TlsSetValue
GetDriveTypeW
CreateFileMappingW
lstrlenA
FlushInstructionCache
InterlockedCompareExchange
TlsAlloc
LCMapStringW
VirtualFree
SetStdHandle
Sleep
EnumResourceTypesW
LoadLibraryA
IsProcessorFeaturePresent
TlsFree
TlsGetValue
WideCharToMultiByte
GetStartupInfoA
HeapDestroy
LoadResource
lstrcmpA
WriteConsoleW
GetStringTypeA
InitializeCriticalSection
SizeofResource
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcess
HeapCreate
IsDebuggerPresent
GetLocaleInfoA
QueryPerformanceCounter
GetVersion
CopyFileW
GetConsoleMode
InterlockedExchange
LocalAlloc
GetStringTypeW
WritePrivateProfileSectionW
SetUnhandledExceptionFilter
CreateFileA
FlushFileBuffers
LockResource
HeapSize
GetFileType

winspool.drv

DocumentPropertiesW

user32

GetClassInfoExW
SetCapture
BeginPaint
EndPaint
LoadCursorW
GetWindowRect
GetWindowInfo
TranslateMessage
GetWindowTextLengthW
RegisterClassExW
GetWindow
PeekMessageW
GetDlgItemTextW
GetClientRect
DestroyWindow
GetParent
SetWindowTextW
SetDlgItemTextW
DispatchMessageW
MessageBoxW
GetAncestor
CreateWindowExW
GetDC
SystemParametersInfoW
SetWindowPos
MapWindowPoints
EndDialog

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

616f5c3184bf2219feeed6af68935bf1

Headers

File Characteristics

Imports

kernel32

winspool.drv

user32

Sections

.text Size: 111KB - Virtual size: 111KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 50KB - Virtual size: 49KB

.isete Size: 1024B - Virtual size: 244KB

.text
Size: 111KB - Virtual size: 111KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 50KB - Virtual size: 49KB

.isete
Size: 1024B - Virtual size: 244KB