JaffaCakes118_ce1c8ed3d8a4f75de2a1d1c84578b3de

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_ce1c8ed3d8a4f75de2a1d1c84578b3de
Size

160KB
MD5

ce1c8ed3d8a4f75de2a1d1c84578b3de
SHA1

a6e3cc255006eeb7c3f19f3c043fde52e977e8e0
SHA256

635304027bba81fefde1459aa3a75dcb69755f0e5105c3c2c1d35229e7bdb9a7
SHA512

986a7be71d3a0420d0ed84331493be6dd18f09761e298c85afc6b6d3a820e9530bfc1c68a8a9b8d51a7611e68e02e3a71b2c1d24590f7aaf0c70a362d5c1b2f5
SSDEEP

3072:W1olO0YQ+wsr2CD1bvymnpvjIxaL4Vp4gvgXh/1Anwxlk+nV:W1j0D+wsrl1zlpBL4jzc/OO7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_ce1c8ed3d8a4f75de2a1d1c84578b3de

Files

JaffaCakes118_ce1c8ed3d8a4f75de2a1d1c84578b3de
.exe windows:4 windows x86 arch:x86

1c4543f978832f69ff18b5b93d48b84c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

RegisterClassExW
GetWindow
GetWindowRect
SystemParametersInfoW
EndPaint
GetWindowTextLengthW
SetWindowTextW
GetDlgItemTextW
MessageBoxW
GetWindowInfo
GetParent
MapWindowPoints
DispatchMessageW
SetDlgItemTextW
DestroyWindow
GetAncestor
LoadCursorW
PeekMessageW
GetClassInfoExW
GetClientRect
CreateWindowExW
SetCapture
SetWindowPos
BeginPaint
GetDC
TranslateMessage
EndDialog

winspool.drv

DocumentPropertiesW

kernel32

TlsSetValue
lstrcpynW
VirtualAlloc
TlsGetValue
WaitForSingleObject
HeapSize
LockResource
lstrlenA
GetCurrentProcess
CreateSemaphoreW
GetStartupInfoA
GetCPInfo
LeaveCriticalSection
VirtualFree
WritePrivateProfileSectionW
CopyFileW
GetConsoleOutputCP
CheckRemoteDebuggerPresent
LCMapStringA
Sleep
LoadLibraryA
GetVersion
InterlockedCompareExchange
CreateFileMappingW
GetConsoleMode
SizeofResource
LCMapStringW
IsProcessorFeaturePresent
GetACP
EnumResourceTypesW
SetUnhandledExceptionFilter
GetCurrentThreadId
RaiseException
FlushInstructionCache
lstrcmpA
LoadResource
GetThreadLocale
HeapCreate
GetLocaleInfoA
FindResourceW
GetDriveTypeW
LocalFree
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
QueryPerformanceCounter
SetLastError
WriteConsoleA
GetTickCount
SetFilePointer
GetCurrentProcessId
InitializeCriticalSection
HeapDestroy
LocalAlloc
TlsFree
MulDiv
IsDebuggerPresent
TlsAlloc
GetStringTypeW
WriteConsoleW
WideCharToMultiByte
FlushFileBuffers
CreateFileA
GetOEMCP
SetStdHandle
GetConsoleCP
GetFileType

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c4543f978832f69ff18b5b93d48b84c

Headers

File Characteristics

Imports

user32

winspool.drv

kernel32

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 48KB - Virtual size: 48KB

.isete Size: 1024B - Virtual size: 96KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 48KB - Virtual size: 48KB

.isete
Size: 1024B - Virtual size: 96KB