JaffaCakes118_eed162c9f4a3ea42ea8e3e67a3414544

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_eed162c9f4a3ea42ea8e3e67a3414544
Size

268KB
MD5

eed162c9f4a3ea42ea8e3e67a3414544
SHA1

43d252009badc9ba6aee288de37312fe7c5da577
SHA256

42d8a6f24d4b381b686a6e49f91d178dbd7797a9e761b05b525e552015eaa3df
SHA512

dd4c99cd1567b794e2527c9554226aa6fccbbaae562ee6c3b2cc8c6ad4b6d294edd8a3228b4eb0d0362c9da1a30cf711a4b9ef31504f8e303054aef7bc2e6b8c
SSDEEP

6144:nhdeZbnx1Ef/xTYw+76r+oO587v2i2gOhiBaL17F/xHivo:nbGYKw+W9Oe7v2i3OwaL15pHi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_eed162c9f4a3ea42ea8e3e67a3414544

Files

JaffaCakes118_eed162c9f4a3ea42ea8e3e67a3414544
.exe windows:5 windows x86 arch:x86

3d290e14aa1a814fc4e6341f7384d5e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW

oleaut32

LoadTypeLi
SafeArrayLock
VariantInit
SafeArrayGetLBound
VariantChangeType
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantCopy
SafeArrayRedim
SafeArrayDestroy
SysStringByteLen
SysAllocString
SafeArrayCreate
SafeArrayGetVartype
SysFreeString
LoadRegTypeLi
GetErrorInfo
SafeArrayGetUBound
SysAllocStringByteLen
SafeArrayCopy
SysStringLen
VariantCopyInd
VariantClear
SafeArrayUnlock

userenv

UnloadUserProfile

user32

UnregisterClassA

advapi32

GetLengthSid
OpenProcessToken
GetTokenInformation
CopySid
EqualSid
RegisterEventSourceW
DeregisterEventSource
IsValidSid
ReportEventW
OpenThreadToken

kernel32

HeapAlloc
HeapReAlloc
IsDebuggerPresent
GetCurrentThreadId
SetUnhandledExceptionFilter
GetThreadLocale
FormatMessageW
RaiseException
SetThreadLocale
LeaveCriticalSection
HeapSize
GetSystemTimeAsFileTime
DeleteCriticalSection
GetProcessHeap
UnhandledExceptionFilter
HeapFree
CloseHandle
lstrlenW
EnterCriticalSection
HeapDestroy
lstrlenA
GetACP
lstrcmpA
VirtualAllocEx

shlwapi

PathAppendW

ole32

CoRevertToSelf
CLSIDFromProgID
CoCreateInstance
CoImpersonateClient

winspool.drv

OpenPrinterW
EndDocPrinter
DevQueryPrintEx
AddPortExW
EnumPrinterDataExW
GetJobA
AddJobA
EnumPrinterDataExA
SetDefaultPrinterW
SetJobA
EnumPrinterDataW
DeletePrinterConnectionW
WaitForPrinterChange
EnumPrintProcessorsW
EXTDEVICEMODE
ReadPrinter
SpoolerDevQueryPrintW

wmiprop

WmiPropCoInstaller

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hZqO
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdwdH
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OhpzJB
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bFXMO
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gxcNu
Size: 110KB - Virtual size: 753KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 110KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eTxvAkh
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bKRQxSc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ryHNLZ
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nyAeu
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3d290e14aa1a814fc4e6341f7384d5e7

Headers

DLL Characteristics

File Characteristics

Imports

shell32

oleaut32

userenv

user32

advapi32

kernel32

shlwapi

ole32

winspool.drv

wmiprop

Sections

.text Size: 19KB - Virtual size: 19KB

.hZqO Size: 1024B - Virtual size: 740B

.bdwdH Size: 3KB - Virtual size: 2KB

.OhpzJB Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.bFXMO Size: 2KB - Virtual size: 1KB

.gxcNu Size: 110KB - Virtual size: 753KB

.data Size: 110KB - Virtual size: 1.1MB

.rsrc Size: 6KB - Virtual size: 5KB

.eTxvAkh Size: 2KB - Virtual size: 1KB

.bKRQxSc Size: 2KB - Virtual size: 1KB

.ryHNLZ Size: 3KB - Virtual size: 2KB

.nyAeu Size: 3KB - Virtual size: 2KB

.text
Size: 19KB - Virtual size: 19KB

.hZqO
Size: 1024B - Virtual size: 740B

.bdwdH
Size: 3KB - Virtual size: 2KB

.OhpzJB
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.bFXMO
Size: 2KB - Virtual size: 1KB

.gxcNu
Size: 110KB - Virtual size: 753KB

.data
Size: 110KB - Virtual size: 1.1MB

.rsrc
Size: 6KB - Virtual size: 5KB

.eTxvAkh
Size: 2KB - Virtual size: 1KB

.bKRQxSc
Size: 2KB - Virtual size: 1KB

.ryHNLZ
Size: 3KB - Virtual size: 2KB

.nyAeu
Size: 3KB - Virtual size: 2KB