0a6cb6d1d1dbf8680e8522dad420ffa0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a6cb6d1d1dbf8680e8522dad420ffa0_JaffaCakes118
Size

100KB
MD5

0a6cb6d1d1dbf8680e8522dad420ffa0
SHA1

f29f00e8d624460caf20aa32397f4159be218a1e
SHA256

9a62758f6787242bbbef5a1da546fdbe6eb1f69a663cfed3bc53ef4ba33fe37b
SHA512

8c058f3254c6203b351a1b33e615f55e928064222fca345844192de9f787184fead24e33c12387f2292d9e9b6b2dcafa305b57858cbc6519dd470dd5631403c9
SSDEEP

1536:/9cBvC+trg1lvSuG/Imyv3QsFHFQnPx3F6pI2l/fivjocWv0:lcC+Ng1suBmIByXF24vUcWv0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a6cb6d1d1dbf8680e8522dad420ffa0_JaffaCakes118

Files

0a6cb6d1d1dbf8680e8522dad420ffa0_JaffaCakes118
.exe windows:6 windows x86 arch:x86

376b54e5bbe8a31fbe34c4b5b61a4c56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

RpcMgmtWaitServerListen
RpcServerUnregisterIf
RpcServerRegisterIf
RpcServerListen
NdrServerContextMarshall
I_RpcGetBuffer
NDRSContextUnmarshall
RpcRaiseException
RpcServerUseProtseqEpW
NdrConformantVaryingArrayUnmarshall
NdrConformantVaryingArrayBufferSize
NdrConformantVaryingArrayMarshall
RpcMgmtStopServerListening
NdrPointerFree
NdrServerContextUnmarshall
NdrServerInitializeNew
NdrConvert
NdrConformantStringUnmarshall

rpcns4

RpcNsBindingUnexportW

kernel32

lstrlenA
FreeLibrary
GetProcAddress
SetLastError
LoadLibraryA
GetLastError
GetVersionExW
DeleteFileW
CloseHandle
ReadFile
GetFileSize
CreateFileW
SetEvent
WaitForSingleObject
CreateEventW
SetConsoleCtrlHandler
LocalFree
FormatMessageW
GetModuleFileNameW
Sleep
ExitProcess
GetVersionExA
InterlockedIncrement
FindFirstFileW
LoadLibraryW
FindFirstFileA
HeapFree
GetProcessHeap
HeapSize
HeapAlloc
GetPrivateProfileStringW
lstrcmpiW
GetPrivateProfileStringA
lstrcmpiA
IsBadWritePtr
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapReAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
InterlockedDecrement
GetCPInfo
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
SetFilePointer
IsBadReadPtr
IsBadCodePtr
InitializeCriticalSection
SetStdHandle
FlushFileBuffers
FindClose
RtlUnwind
RaiseException
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetStartupInfoW
TlsFree
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType

winspool.drv

ClosePrinter
GetPrinterDriverA
OpenPrinterW
OpenPrinterA
GetPrinterDriverW
EnumPrinterDriversW
EnumPrinterDriversA

advapi32

EnumDependentServicesW
StartServiceCtrlDispatcherW
DeleteService
ControlService
QueryServiceStatus
StartServiceW
CreateServiceW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
RegisterServiceCtrlHandlerW
EnumServicesStatusW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
SetServiceStatus
RegDeleteKeyW
RegSetValueExW
RegDeleteValueW
RegEnumValueW
RegEnumKeyExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

376b54e5bbe8a31fbe34c4b5b61a4c56

Headers

File Characteristics

Imports

rpcrt4

rpcns4

kernel32

winspool.drv

advapi32

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 2KB