f835cb0a54c4ff2ba3953b4f8d19eb5a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f835cb0a54c4ff2ba3953b4f8d19eb5a_JaffaCakes118
Size

1.1MB
MD5

f835cb0a54c4ff2ba3953b4f8d19eb5a
SHA1

955145ce30f33f80ef36ca21ca0a626b75f56dd5
SHA256

b00e9c3b394cbe3ef402557ad794455fe97ad7fa4d7dc121b9f3a7e288b39f7d
SHA512

300e41596d7c7d7adeb5343f3a24e5a71c8b38a79a9481e28a555fe86b62c5d55183201e63e1a23065d52593f4ac9bcfdf92027988de03bc3181d05a12e9acb0
SSDEEP

24576:MPq4o9F7fH4SJm7HY/DhVN1tN1+YuUAx1D:MSTFrYYHVNfv+YA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f835cb0a54c4ff2ba3953b4f8d19eb5a_JaffaCakes118

Files

f835cb0a54c4ff2ba3953b4f8d19eb5a_JaffaCakes118
.exe windows:8 windows x86 arch:x86

50cc3b66a9b1889acc79a1f896c29346

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

RegisterClassA
DispatchMessageA
UpdateWindow
DestroyWindow
EndPaint
DefWindowProcA
BeginPaint
GetMessageA
CreateWindowExA
TranslateMessage
ShowWindow
SendMessageA

kernel32

CreateNamedPipeA
InitializeCriticalSectionAndSpinCount
GetLastError
GetEnvironmentVariableA
OpenEventA
GetCurrentProcessId
lstrcatA
CloseHandle
lstrcpyA
ReadFile
GetNamedPipeInfo
SetEvent
CreateEventA
HeapAlloc
GetFileAttributesA
WriteFile
ConnectNamedPipe
HeapFree
HeapDestroy
InterlockedDecrement
lstrlenA
SetFilePointer
GetSystemTime
SystemTimeToFileTime
WaitForMultipleObjects
InterlockedIncrement
GetNamedPipeHandleStateA
LeaveCriticalSection
VirtualAlloc
EnterCriticalSection
VirtualFree
ExitProcess
IsBadStringPtrA
ReadFileEx
CreateFileA
GetCurrentThreadId
GetSystemTimeAsFileTime
GetLocalTime
HeapCreate
InterlockedFlushSList

adsldpc

FindEntryInSearchTable
FreeADsStr
LdapCreatePageControl
LdapNextAttribute
MapLDAPTypeToADSType
BuildADsParentPath
BuildADsParentPathFromObjectInfo
FreeADsMem
ADSIGetNextColumnName
ADsAbandonSearch
LdapGetValues
LdapGetSchemaObjectCount
SchemaGetClassInfoByIndex
ADsSetObjectAttributes
ADSISetSearchPreference
ADsDeleteAttributeDefinition
ADsGetPreviousRow
LdapSearch
BuildADsPathFromParent
AllocADsMem
ADsSetSearchPreference
ADsCreateClassDefinition
SchemaIsClassAContainer
LdapInitializeSearchPreferences
AdsTypeToLdapTypeCopyGeneralizedTime
LdapIsClassNameValidOnServer
LdapTypeToAdsTypeCopyConstruct
LdapTypeFreeLdapModObject
ADsWriteClassDefinition
LdapTypeToAdsTypeGeneralizedTime
SchemaGetPropertyInfoByIndex
LdapReadAttribute2
ADsGetColumn
IsGCNamespace
ADSIModifyRdn
LdapModifyExtS
ADsCreateAttributeDefinition
BuildADsPathFromLDAPPath
LdapcSetStickyServer

Sections

.text
Size: 719KB - Virtual size: 719KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 421KB - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50cc3b66a9b1889acc79a1f896c29346

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

adsldpc

Sections

.text Size: 719KB - Virtual size: 719KB

.data Size: 421KB - Virtual size: 421KB

.rsrc Size: 12KB - Virtual size: 3.1MB

.text
Size: 719KB - Virtual size: 719KB

.data
Size: 421KB - Virtual size: 421KB

.rsrc
Size: 12KB - Virtual size: 3.1MB