JaffaCakes118_e769e9dbad6f8e800aba8d67c2800cf4

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_e769e9dbad6f8e800aba8d67c2800cf4
Size

166KB
MD5

e769e9dbad6f8e800aba8d67c2800cf4
SHA1

f55b5b245d0a98727b3f02ca60c7f85f56a676d4
SHA256

7d2cad3248000f306e71bbcefb557e4254335bc4ae0902003484db3507efac56
SHA512

9fdee4436cbc860d4e87b58daf2f85a585cd5a345bdc7ada387c04fd73de79db441bc95a8edc044f9f865d76f6d0b671f3870f8471ab4fd8a32f4ace8b62a83c
SSDEEP

3072:AwJH5h9cjqo7o99Pq7/sIe70BB0e4X2IiJOfV9efmL27LaQEAd+px:L1T9cjFvI7q2TniNa27LlEz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_e769e9dbad6f8e800aba8d67c2800cf4

Files

JaffaCakes118_e769e9dbad6f8e800aba8d67c2800cf4
.exe windows:4 windows x86 arch:x86

b6b38bbecec2cbb9d72eae12c52035cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winspool.drv

DocumentPropertiesW

user32

RegisterClassExW
PeekMessageW
GetWindowTextLengthW
SystemParametersInfoW
SetCapture
GetClientRect
EndPaint
TranslateMessage
SetWindowTextW
MapWindowPoints
LoadCursorW
DispatchMessageW
GetDC
DestroyWindow
CreateWindowExW
GetDlgItemTextW
GetClassInfoExW
SetWindowPos
BeginPaint
GetWindowInfo
GetWindow
SetDlgItemTextW
MessageBoxW
GetAncestor
GetParent
GetWindowRect
EndDialog

kernel32

WriteConsoleW
GetConsoleOutputCP
GetCurrentProcessId
LoadLibraryA
GetACP
Sleep
LocalFree
lstrcpynW
TlsSetValue
CreateFileA
LCMapStringA
LoadResource
GetThreadLocale
WriteConsoleA
GetConsoleCP
CopyFileW
WideCharToMultiByte
GetCPInfo
CheckRemoteDebuggerPresent
GetStringTypeW
SetFilePointer
GetCurrentThreadId
SetUnhandledExceptionFilter
GetOEMCP
InterlockedCompareExchange
FlushFileBuffers
GetStartupInfoA
GetVersion
GetSystemTimeAsFileTime
WaitForSingleObject
QueryPerformanceCounter
GetConsoleMode
CreateSemaphoreW
WritePrivateProfileSectionW
LeaveCriticalSection
RaiseException
EnumResourceTypesW
LCMapStringW
FindResourceW
LockResource
GetStringTypeA
GetTickCount
SizeofResource
InitializeCriticalSection
VirtualFree
IsProcessorFeaturePresent
TlsFree
InterlockedExchange
lstrcmpA
GetCurrentProcess
GetLocaleInfoA
HeapCreate
FlushInstructionCache
LocalAlloc
MulDiv
VirtualAlloc
IsDebuggerPresent
HeapSize
SetStdHandle
HeapDestroy
SetLastError
lstrlenA
TlsGetValue
TlsAlloc
CreateFileMappingW
GetDriveTypeW
GetFileType

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6b38bbecec2cbb9d72eae12c52035cd

Headers

File Characteristics

Imports

winspool.drv

user32

kernel32

Sections

.text Size: 109KB - Virtual size: 109KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 52KB - Virtual size: 51KB

.isete Size: 1024B - Virtual size: 244KB

.text
Size: 109KB - Virtual size: 109KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 52KB - Virtual size: 51KB

.isete
Size: 1024B - Virtual size: 244KB