JaffaCakes118_045fab1e31c832695447370ec92cdccc

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_045fab1e31c832695447370ec92cdccc
Size

273KB
MD5

045fab1e31c832695447370ec92cdccc
SHA1

7a7417d27dcc1d32183649349bcceb3dfbd9109d
SHA256

9431ddd9beb3615df427815ff50840664aec136f86b21b9f67e3ac9201f21207
SHA512

1f6abadc7f340befd63188532fd4b54f0d09ce7f872a1184c12f011f450a3c9afcd93896a0a97d2022a9a6dfd3b97b97250a661f76d98e32cdbfe77fb34d4d57
SSDEEP

3072:yNPJiaqxh8gz5wxatqxI02TEK/BPaAg/7Eajtd0G6LvOVT1JV6ewZPSWpsQ2CF6d:yCugjttPRaDY2tLPVT1T6rSW6u6Wi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_045fab1e31c832695447370ec92cdccc

Files

JaffaCakes118_045fab1e31c832695447370ec92cdccc
.exe windows:4 windows x86 arch:x86

1fc3bdd5ede0a64d563c6b8cda3a7199

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
SystemTimeToTzSpecificLocalTime
HeapSize
lstrcmpiW
IsDebuggerPresent
HeapFree
SizeofResource
FindClose
OutputDebugStringW
LocalFree
EnumResourceNamesW
CreateFileW
FreeLibrary
GetProcessHeap
LeaveCriticalSection
FindResourceExW
GetFileSize
LocalAlloc
GetSystemTimeAsFileTime
LoadResource
UnhandledExceptionFilter
ProcessIdToSessionId
FormatMessageW
lstrlenW
SystemTimeToFileTime
LoadLibraryExW
HeapAlloc
GetCurrentThreadId
GetTimeZoneInformation
LockResource
FindResourceW
HeapDestroy
GetSystemTime
DeleteCriticalSection
CloseHandle
SetUnhandledExceptionFilter
RaiseException
GetModuleHandleW
HeapReAlloc
EnterCriticalSection
FindFirstFileW
GetCurrentProcess
VirtualAllocEx

gdi32

DeleteDC
CreateCompatibleBitmap
PatBlt
CreateCompatibleDC
SelectObject
CreateDCW
CreateSolidBrush
DeleteObject
GetObjectW

oleaut32

VarUI4FromStr

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoCreateGuid

user32

LoadImageW
DestroyIcon
DrawIconEx
GetForegroundWindow
CharNextW
GetActiveWindow
AllowSetForegroundWindow
GetSystemMetrics
GetDesktopWindow

winspool.drv

DocumentEvent
EnumPrinterKeyA
PrinterProperties
DeletePrinterConnectionW
EnumPrinterDataW
GetPrintProcessorDirectoryA
AddPrinterDriverA
PrinterMessageBoxW
WaitForPrinterChange
SpoolerPrinterEvent
DevQueryPrint
GetPrinterA
EnumPrintProcessorDatatypesW
ExtDeviceMode

msrle32

DriverProc

Sections

.MgTKJ
Size: 2KB - Virtual size: 22KB

IMAGE_SCN_MEM_READ

.gIabXEW
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rMTvTr
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JNknyQV
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CxDqC
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IkzRZl
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.QFlMI
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lqItB
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iMaG
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QHuRWLj
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hZvUl
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1fc3bdd5ede0a64d563c6b8cda3a7199

Headers

File Characteristics

Imports

kernel32

gdi32

oleaut32

ole32

user32

winspool.drv

msrle32

Sections

.MgTKJ Size: 2KB - Virtual size: 22KB

.gIabXEW Size: 2KB - Virtual size: 14KB

.text Size: 16KB - Virtual size: 16KB

.rMTvTr Size: 2KB - Virtual size: 1KB

.JNknyQV Size: 2KB - Virtual size: 2KB

.CxDqC Size: 2KB - Virtual size: 1KB

.IkzRZl Size: 1024B - Virtual size: 804B

.data Size: 6KB - Virtual size: 132KB

.rdata Size: 208KB - Virtual size: 207KB

.QFlMI Size: 3KB - Virtual size: 2KB

.lqItB Size: 2KB - Virtual size: 2KB

.rsrc Size: 17KB - Virtual size: 17KB

.iMaG Size: 1KB - Virtual size: 1KB

.QHuRWLj Size: 2KB - Virtual size: 1KB

.hZvUl Size: 3KB - Virtual size: 2KB

.MgTKJ
Size: 2KB - Virtual size: 22KB

.gIabXEW
Size: 2KB - Virtual size: 14KB

.text
Size: 16KB - Virtual size: 16KB

.rMTvTr
Size: 2KB - Virtual size: 1KB

.JNknyQV
Size: 2KB - Virtual size: 2KB

.CxDqC
Size: 2KB - Virtual size: 1KB

.IkzRZl
Size: 1024B - Virtual size: 804B

.data
Size: 6KB - Virtual size: 132KB

.rdata
Size: 208KB - Virtual size: 207KB

.QFlMI
Size: 3KB - Virtual size: 2KB

.lqItB
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 17KB - Virtual size: 17KB

.iMaG
Size: 1KB - Virtual size: 1KB

.QHuRWLj
Size: 2KB - Virtual size: 1KB

.hZvUl
Size: 3KB - Virtual size: 2KB