JaffaCakes118_1c1a20508c58081e1d870b2292d2098f

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_1c1a20508c58081e1d870b2292d2098f
Size

259KB
MD5

1c1a20508c58081e1d870b2292d2098f
SHA1

6fc4f505f2d10749a4feff4ed125843f2b9136ba
SHA256

bc60ffd827026a61ea04fc3819a126139541cc056dfa191d219f2b63b9135a4e
SHA512

2d019d95dc0256b5e332239daae61fbf38f3848426e262dcae2f3be502d358591b0dd6301fa647d5cf11df1c40c42cd3d69cc55f72b6d51d93e51c84cc9a72c7
SSDEEP

6144:5NtJIZHTutDjIzebMsoM0xiXqVL5+IuwHpuXNjUl3w:ZK+Dczebnd0AXqVd+IZwjUW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_1c1a20508c58081e1d870b2292d2098f

Files

JaffaCakes118_1c1a20508c58081e1d870b2292d2098f
.exe .js windows:4 windows x86 arch:x86 polyglot

be0347c9d016da86a19fe9ba1649175f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance

kernel32

HeapReAlloc
GetOverlappedResult
CreateEventW
EnterCriticalSection
CloseHandle
FindResourceExW
GetSystemInfo
GetFileSize
UnregisterWaitEx
ResumeThread
LockResource
HeapDestroy
UnhandledExceptionFilter
WaitForSingleObjectEx
LoadResource
GetThreadContext
SetNamedPipeHandleState
GetModuleHandleW
VirtualFree
HeapFree
TlsGetValue
SuspendThread
GetSystemTimeAsFileTime
CancelIo
CreateWaitableTimerW
RaiseException
HeapSize
SizeofResource
SetThreadPriority
TlsSetValue
GetCurrentThreadId
OutputDebugStringA
OpenThread
FindResourceW
GetTimeZoneInformation
GetStdHandle
IsDebuggerPresent
SetWaitableTimer
WriteFile
RtlCaptureContext
GetProcessHeap
CreateFileW
GetFileType
GetThreadTimes
ReadFile
ReleaseSemaphore
VirtualAlloc
LeaveCriticalSection
RegisterWaitForSingleObject
CancelWaitableTimer
DeleteCriticalSection
HeapAlloc
CreateSemaphoreA
TlsAlloc
GetCommandLineW
lstrlenA
WaitForSingleObject
SetUnhandledExceptionFilter
VirtualAllocEx
GetModuleHandleA

winmm

timeGetTime

user32

MessageBoxW

oleaut32

VariantClear
SysFreeString
SysAllocString
VariantInit

advapi32

RegEnumKeyW
RegOpenKeyExW
TraceMessage
GetTraceEnableLevel
RegQueryValueExW
GetTraceLoggerHandle
RegEnumValueW
UnregisterTraceGuids
RegCloseKey
RegQueryInfoKeyW
RegisterTraceGuidsW
GetTraceEnableFlags
ControlTraceW

shlwapi

PathAddBackslashW

winspool.drv

DocumentEvent
GetPrinterDriverDirectoryA
SplDriverUnloadComplete
GetPrinterDriverA
DocumentPropertiesA
EndDocPrinter
SetDefaultPrinterA
GetPrintProcessorDirectoryW
AddPortExA
FlushPrinter
DeletePrinterDataExW
StartDocPrinterW

softpub

SoftpubDefCertInit
DllUnregisterServer
OpenPersonalTrustDBDialog

Sections

.LPfxR
Size: 512B - Virtual size: 15KB

IMAGE_SCN_MEM_READ

.eJCh
Size: 2KB - Virtual size: 24KB

IMAGE_SCN_MEM_READ

.lrHXO
Size: 512B - Virtual size: 21KB

IMAGE_SCN_MEM_READ

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qVBxg
Size: 1024B - Virtual size: 759B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YpaQGG
Size: 512B - Virtual size: 463B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EPUG
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Kkqg
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CKOc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hkSR
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FLjQRU
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BiSHzYR
Size: 1024B - Virtual size: 783B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be0347c9d016da86a19fe9ba1649175f

Headers

File Characteristics

Imports

ole32

kernel32

winmm

user32

oleaut32

advapi32

shlwapi

winspool.drv

softpub

Sections

.LPfxR Size: 512B - Virtual size: 15KB

.eJCh Size: 2KB - Virtual size: 24KB

.lrHXO Size: 512B - Virtual size: 21KB

.text Size: 19KB - Virtual size: 19KB

.qVBxg Size: 1024B - Virtual size: 759B

.YpaQGG Size: 512B - Virtual size: 463B

.EPUG Size: 2KB - Virtual size: 2KB

.Kkqg Size: 3KB - Virtual size: 2KB

.data Size: 9KB - Virtual size: 120KB

.CKOc Size: 2KB - Virtual size: 2KB

.rdata Size: 208KB - Virtual size: 208KB

.hkSR Size: 3KB - Virtual size: 2KB

.FLjQRU Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.BiSHzYR Size: 1024B - Virtual size: 783B

.LPfxR
Size: 512B - Virtual size: 15KB

.eJCh
Size: 2KB - Virtual size: 24KB

.lrHXO
Size: 512B - Virtual size: 21KB

.text
Size: 19KB - Virtual size: 19KB

.qVBxg
Size: 1024B - Virtual size: 759B

.YpaQGG
Size: 512B - Virtual size: 463B

.EPUG
Size: 2KB - Virtual size: 2KB

.Kkqg
Size: 3KB - Virtual size: 2KB

.data
Size: 9KB - Virtual size: 120KB

.CKOc
Size: 2KB - Virtual size: 2KB

.rdata
Size: 208KB - Virtual size: 208KB

.hkSR
Size: 3KB - Virtual size: 2KB

.FLjQRU
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.BiSHzYR
Size: 1024B - Virtual size: 783B