fd02f60561ef77e5f169fe132b97f971_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fd02f60561ef77e5f169fe132b97f971_JaffaCakes118
Size

1.1MB
MD5

fd02f60561ef77e5f169fe132b97f971
SHA1

ff2229866044b7ccbd5ca7c217e607e071dbaf75
SHA256

75f0290a05dadc484dc283786055fb59fbb82a387ed0938b8172823b13246256
SHA512

ae47047767bd7379b22a0a109f0f85125015ebcebe7ebb2e065745d5991f6ceb75ef775f8f1f605ae0aa652bf2f4770544ee1af01cfb77ab9474e6a1c3033545
SSDEEP

24576:OB86F+C99EBz7xidSBhUrRMYVmghRH54u1dT2uqWi/1lruj2afD:y86wCESCEmgh5CUiDrut

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd02f60561ef77e5f169fe132b97f971_JaffaCakes118

Files

fd02f60561ef77e5f169fe132b97f971_JaffaCakes118
.exe windows:1 windows x86 arch:x86

aaac1fc84b42940516a2f8689532fa7f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

UpdateWindow
SendMessageA
DefWindowProcA
CreateWindowExA
RegisterClassA
BeginPaint
DestroyWindow
TranslateMessage
GetMessageA
DispatchMessageA
EndPaint
ShowWindow

adsldpc

ADsSetLastError
ADSICreateDSObject
SchemaClose
ADsExecuteSearch
LdapOpenObject
LdapGetValues
UnMarshallLDAPToLDAPSynID
ConvertU2TrusteeToSid
LdapModifyS
LdapTypeFreeLdapModList
ConvertSidToString
ADSICloseDSObject
LdapGetDn
ADsWriteClassDefinition
LdapParseResult
ADsGetObjectAttributes
BuildLDAPPathFromADsPath2
ADSIGetFirstRow
ADsEnumClasses
ADSIGetPreviousRow
LdapOpenObject2
LdapDeleteS
AdsTypeToLdapTypeCopyConstruct
ADsCreateDSObjectExt
SortAndRemoveDuplicateOIDs
LdapMemFree
LdapTypeBinaryToString
LdapcKeepHandleAround
LdapTypeFreeLdapModObject
FreeADsStr
LdapTypeToAdsTypeUTCTime
SchemaGetPropertyInfo
Component
LdapResult
LdapMsgFree
FindEntryInSearchTable
LdapReadAttributeFast

kernel32

SetFilePointer
GetProcessHeap
ConnectNamedPipe
HeapCreate
WriteFile
GetFileAttributesA
CreateNamedPipeA
HeapDestroy
GetSystemTimeAdjustment
SetEnvironmentVariableA
SetNamedPipeHandleState
CreateEventA
DosDateTimeToFileTime
ReadFile
GetSystemTime
CloseHandle
ExitProcess
TransactNamedPipe
GetLastError
CreateFileA
InterlockedDecrement
CompareStringA
ExpandEnvironmentStringsA
FreeEnvironmentStringsA
InterlockedIncrement
FileTimeToDosDateTime
lstrcmpiA
WriteFileEx
GetLocalTime
HeapFree
VirtualFree
LeaveCriticalSection
OpenEventA
GetStringTypeA
EnterCriticalSection
GetFileTime
HeapAlloc
VirtualAlloc
WaitForMultipleObjects
InitializeCriticalSection
SetEvent
GetEnvironmentStringsA

Sections

.text
Size: 907KB - Virtual size: 907KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aaac1fc84b42940516a2f8689532fa7f

Headers

DLL Characteristics

File Characteristics

Imports

user32

adsldpc

kernel32

Sections

.text Size: 907KB - Virtual size: 907KB

.data Size: 121KB - Virtual size: 120KB

.rsrc Size: 102KB - Virtual size: 3.2MB

.text
Size: 907KB - Virtual size: 907KB

.data
Size: 121KB - Virtual size: 120KB

.rsrc
Size: 102KB - Virtual size: 3.2MB