Static task
static1
Behavioral task
behavioral1
Sample
fdc85013066a66d2b09cb9b8e0b8e2aa_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
fdc85013066a66d2b09cb9b8e0b8e2aa_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
Target
fdc85013066a66d2b09cb9b8e0b8e2aa_JaffaCakes118
Size
83KB
MD5
fdc85013066a66d2b09cb9b8e0b8e2aa
SHA1
e7b3ae4cf2eabb3522b2bbf0ba0c7238ac671a0b
SHA256
49785bd16ce8034cde002f71355446b51267696aeb9d422a6ed952ccf2c3605f
SHA512
abbc6b1d637eb2e6cba5e128ecb96ef07f72f2538db74ee9044f1d58033d458b4f089b0b8b7aa2f49f8e1c1d4d1fee775d1bfafa0e72ff245b871d0b08b4ed2d
SSDEEP
1536:GblagF9KIH+jege2ZEY7ayD32wM2Tl7nr5Ql9FOaB+hHU2GY:qTXKIdge2ZzjnVr66aAAY
Malware Config
Signatures
Unsigned PE (1 IoC)
Static check: the PE file carries no Authenticode signature, so its publisher and integrity cannot be verified from the file itself.
resource fdc85013066a66d2b09cb9b8e0b8e2aa_JaffaCakes118
Files
fdc85013066a66d2b09cb9b8e0b8e2aa_JaffaCakes118.exe windows:5 windows x86 arch:x86
0394a2897bd1b6dc8740775c3b90390a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTimeAsFileTime
SuspendThread
GetFirmwareEnvironmentVariableW
OpenFileMappingW
GetTickCount
DnsHostnameToComputerNameW
LoadLibraryA
BeginUpdateResourceW
GetVersion
QueryPerformanceCounter
GetStartupInfoA
GetCurrentProcessId
GetCurrentThreadId
SetDefaultCommConfigW
VirtualAlloc
GetCompressedFileSizeW
DosDateTimeToFileTime
CreateNamedPipeA
SetConsoleOutputCP
GetHandleInformation
msvcp60
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?denorm_min@?$numeric_limits@_N@std@@SA_NXZ
?copyfmt@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEAAV12@ABV12@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIXZ
?do_is@?$ctype@G@std@@MBE_NFG@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$collate@D@std@@QAE@ABV_Locinfo@1@I@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?assign@?$char_traits@D@std@@SAPADPADIABD@Z
?_Pdif@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAIPBG0@Z
?_Init@?$ctype@G@std@@IAEXABV_Locinfo@2@@Z
?quiet_NaN@?$numeric_limits@K@std@@SAKXZ
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
msvcrt20
_wfullpath
_safe_fdivr
_ismbbkprint
__threadhandle
wctomb
?pcount@strstream@@QBEHXZ
??0ofstream@@QAE@H@Z
?is_open@ofstream@@QBEHXZ
?opfx@ostream@@QAEHXZ
_tell
?pbackfail@streambuf@@UAEHH@Z
_utime
__p__amblksiz
??1Iostream_init@@QAE@XZ
wcscspn
??0fstream@@QAE@XZ
ntdll
NtQueryBootOptions
ZwSetTimer
RtlIpv6AddressToStringA
RtlAreBitsClear
NtReplyWaitReceivePortEx
KiRaiseUserExceptionDispatcher
ZwAddAtom
ZwCreateNamedPipeFile
RtlTimeFieldsToTime
ZwSetSystemTime
RtlDeleteAce
RtlConvertExclusiveToShared
RtlpNotOwnerCriticalSection
Sections
.text Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 268B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ