e93a69df2827a8ddfc4841ed0502ea43_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e93a69df2827a8ddfc4841ed0502ea43_JaffaCakes118
Size

848KB
MD5

e93a69df2827a8ddfc4841ed0502ea43
SHA1

0b9f2a85647d6a64de8ab45059b369337327be8e
SHA256

56aa35d5ed20c8ebb2d0cf24933b65d4e81975495cf7952e6530da9f69798761
SHA512

f190fd2e8d14dbaf429b3e1ed073db292cd3e454c0a224e76db5971d9c3445b4f1166948b6dc35fb2b5d1cd66810ef25e5eeca17fa283c647d7dfd73cb59cafd
SSDEEP

24576:qF8kE/sBw+vtziyIXvsT4MDzzdnbL4/JQvHNHWx:qF8X/sBtvxiXvsT7/zxbu8N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e93a69df2827a8ddfc4841ed0502ea43_JaffaCakes118

Files

e93a69df2827a8ddfc4841ed0502ea43_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2892dd316b9d1a84272228c62846c621

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLCID
BaseDumpAppcompatCache
GetConsoleAliasExesW
EnumCalendarInfoExA
SetProcessAffinityMask
WriteConsoleOutputAttribute
PeekConsoleInputA
CreateDirectoryA
PrivCopyFileExW
GetUserDefaultLCID
GlobalHandle
VirtualAlloc
GetEnvironmentStringsW
HeapWalk
VirtualFreeEx
GetCompressedFileSizeA
ReadDirectoryChangesW
QueryInformationJobObject
GetConsoleTitleA
DeleteFileA
CreateTimerQueueTimer
FlushConsoleInputBuffer
GetExitCodeProcess
FlushViewOfFile
TlsSetValue
LoadLibraryA

iphlpapi

GetAdaptersAddresses
_PfMakeLog@4
_PfSetLogBuffer@28
InternalGetIfTable
InternalGetIpNetTable
SetIpStatistics
GetIpForwardTable
GetUdpStatisticsEx
_PfAddFiltersToInterface@24
AllocateAndGetIpAddrTableFromStack
SetIpTTL
GetIpStatisticsEx
GetUdpStatistics
InternalDeleteIpForwardEntry
do_echo_req
NotifyRouteChange
SetIpNetEntry
InternalCreateIpNetEntry
Icmp6CreateFile
GetTcpTable
AddIPAddress
DeleteIpNetEntry
register_icmp
_PfRebindFilters@8
IcmpCloseHandle

comsvcs

CoCreateActivity
GetMTAThreadPoolMetrics
DispManGetContext
ComSvcsLogError
CoLoadServices
MiniDumpW
RecycleSurrogate
GetTrkSvrObject
MTSCreateActivity
ComSvcsExceptionFilter
CosGetCallContext
CoLeaveServiceDomain
CoEnterServiceDomain
SafeRef
GetObjectContext

msasn1

ASN1char16string_cmp
ASN1CEREncOctetString
ASN1BEREncUTF8String
ASN1BEREncZeroMultibyteString
ASN1octetstring_cmp
ASN1BEREncTag
ASN1BEREncObjectIdentifier2
ASN1_Decode
ASN1BEREncUTCTime
ASN1uint32_uoctets
ASN1charstring_free
ASN1_CreateEncoder
ASN1BERDecUTF8String
ASN1BERDecObjectIdentifier2
ASN1_CloseEncoder
ASN1open_free
ASN1BERDecZeroChar32String
ASN1BEREncNull
ASN1BEREncEoid
ASN1_FreeEncoded
ASN1CEREncNewBlkElement

comsnap

InstallDsExtension

crtdll

_strrev
_cexit
_mbctolower
_gcvt
_ismbcl2
_wtoi
sin
_tolower
wcschr
_daylight_dll
_fpclass
_jn
_except_handler2
_mbsbtype
atoi
_CIcos
_mbscpy

Sections

.text
Size: 756KB - Virtual size: 756KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2892dd316b9d1a84272228c62846c621

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

iphlpapi

comsvcs

msasn1

comsnap

crtdll

Sections

.text Size: 756KB - Virtual size: 756KB

.rdata Size: 83KB - Virtual size: 82KB

.data Size: 4KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 756KB - Virtual size: 756KB

.rdata
Size: 83KB - Virtual size: 82KB

.data
Size: 4KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB