JaffaCakes118_0848de3500ea2142141f4c7c15f1cf38

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_0848de3500ea2142141f4c7c15f1cf38
Size

265KB
MD5

0848de3500ea2142141f4c7c15f1cf38
SHA1

353faed98fac4f1bb16527468906e0cdd10f9607
SHA256

31305476de4c8f9a3b9bbb1f30785f039f3a98d61579dfbccc70915659b35106
SHA512

69b5b6467e69be5d0835f5e1b579fbb3425e1e67af601317edf722d69a78de6b5929b08ea1dfb5eea09e83cbfa703bdd304ae5896bcf2a2ee894b64ae7705675
SSDEEP

6144:EH4Tmfn8dMwBnVpV21WBMA41aZcCfZ34+rDLr:E6m85nXV21Wi1aZPh3ZH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0848de3500ea2142141f4c7c15f1cf38

Files

JaffaCakes118_0848de3500ea2142141f4c7c15f1cf38
.exe windows:4 windows x86 arch:x86

6cb9cc5d8e2ecdb5ac363cb6a8f3c231

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoTaskMemFree
CoCreateGuid
IIDFromString
CoTaskMemRealloc
CoTaskMemAlloc

rpcrt4

UuidFromStringW
UuidCreate

kernel32

GetUserDefaultLangID
LockResource
FormatMessageW
SystemTimeToFileTime
OpenThread
lstrlenW
IsDebuggerPresent
GetCurrentThreadId
LocalFree
RaiseException
GetDriveTypeW
CloseHandle
SystemTimeToTzSpecificLocalTime
LeaveCriticalSection
EnterCriticalSection
GetFileSize
LoadResource
lstrlenA
SetUnhandledExceptionFilter
DeleteCriticalSection
CreateFileW
GetModuleHandleW
LocalAlloc
LoadLibraryExW
GetSystemTime
HeapReAlloc
SetLastError
ReadFile
FileTimeToSystemTime
FindResourceW
GetProcessHeap
GetNumberFormatW
SizeofResource
HeapFree
FindResourceExW
HeapSize
FreeLibrary
GetSystemTimeAsFileTime
OutputDebugStringW
GetTimeZoneInformation
HeapAlloc
UnhandledExceptionFilter
HeapDestroy
lstrcmpiW
GetCurrentDirectoryA
VirtualAllocEx

user32

GetForegroundWindow
GetSystemMetrics
GetActiveWindow
LoadStringW
SetCursor
GetTopWindow
GetDesktopWindow
SystemParametersInfoW
CharNextW
LoadCursorW

oleaut32

VarUI4FromStr
VariantClear

winspool.drv

SetPrinterA
XcvDataW
DeletePrinterKeyA
AddPrinterDriverA
AdvancedDocumentPropertiesW
SpoolerPrinterEvent
AddPrintProcessorW
EnumPrinterDriversA
DocumentPropertiesW
AddFormW
AddPrinterW
GetPrinterDriverDirectoryW

kbdur

KbdLayerDescriptor

Sections

.Rncx
Size: 1024B - Virtual size: 18KB

IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bmTUB
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.WySP
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rWIqOwD
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nrrW
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.EmBZyQ
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PtVR
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TlfSNwR
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.AEZK
Size: 1024B - Virtual size: 585B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cb9cc5d8e2ecdb5ac363cb6a8f3c231

Headers

DLL Characteristics

File Characteristics

Imports

ole32

rpcrt4

kernel32

user32

oleaut32

winspool.drv

kbdur

Sections

.Rncx Size: 1024B - Virtual size: 18KB

.text Size: 18KB - Virtual size: 18KB

.bmTUB Size: 1KB - Virtual size: 1KB

.WySP Size: 3KB - Virtual size: 2KB

.rWIqOwD Size: 1KB - Virtual size: 1KB

.nrrW Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 325KB

.rdata Size: 208KB - Virtual size: 207KB

.EmBZyQ Size: 3KB - Virtual size: 2KB

.PtVR Size: 2KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

.TlfSNwR Size: 2KB - Virtual size: 1KB

.AEZK Size: 1024B - Virtual size: 585B

.Rncx
Size: 1024B - Virtual size: 18KB

.text
Size: 18KB - Virtual size: 18KB

.bmTUB
Size: 1KB - Virtual size: 1KB

.WySP
Size: 3KB - Virtual size: 2KB

.rWIqOwD
Size: 1KB - Virtual size: 1KB

.nrrW
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 325KB

.rdata
Size: 208KB - Virtual size: 207KB

.EmBZyQ
Size: 3KB - Virtual size: 2KB

.PtVR
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB

.TlfSNwR
Size: 2KB - Virtual size: 1KB

.AEZK
Size: 1024B - Virtual size: 585B