16dde1789f6356d8fc6b838be4f11031_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16dde1789f6356d8fc6b838be4f11031_JaffaCakes118
Size

1.1MB
MD5

16dde1789f6356d8fc6b838be4f11031
SHA1

11803fd4babdb019a3866472d51d46b78d604a68
SHA256

52a94d8dbcfb385e6bb54b6e0cabdcba7ab86e80e4728deb93a8a985eb5641fa
SHA512

16c3b15cf3ba485fc9b54a040b8628e728d9a988eadf4a3397575b3c6339339f2870fefae781b99e147296ffa49f644beb513889085bbf9534e7c88c5f6d2379
SSDEEP

24576:PORnwwkjV/+KbWCNIT0lt7bdbHqR6T8dBnB19XDS753MZ6/eE:YGVDI0l5tH+jntDSJe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16dde1789f6356d8fc6b838be4f11031_JaffaCakes118

Files

16dde1789f6356d8fc6b838be4f11031_JaffaCakes118
.exe windows:9 windows x86 arch:x86

abc03cb9e9bd2dadf97310d70013c1ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

adsldpc

MapADSTypeToLDAPType
UnMarshallLDAPToLDAPSynID
LdapInitializeSearchPreferences
AdsTypeToLdapTypeCopyConstruct
ADSIGetFirstRow
BerBvFree
GetDefaultServer
LdapReadAttribute2
MapLDAPTypeToADSType
FreeADsMem
BuildADsParentPathFromObjectInfo2
BuildADsPathFromLDAPPath2
ADsSetLastError
AdsTypeToLdapTypeCopyDNWithString
AdsTypeToLdapTypeCopyDNWithBinary
LdapCountEntries
ADsExecuteSearch
ADsWriteClassDefinition
LdapSearchInitPage
ADSIGetNextColumnName
LdapCacheAddRef
LdapTypeBinaryToString
ADsAbandonSearch
LdapSearchExtS
ADsGetLastError
LdapRenameExtS
LdapNextEntry
FreeObjectInfo
ADsFreeColumn
ADsGetObjectAttributes
AllocADsStr
LdapParsePageControl
SchemaGetClassInfoByIndex
AdsTypeFreeAdsObjects
ADSIDeleteDSObject
LdapGetSyntaxIdOfAttribute
SchemaAddRef
LdapSearch
LdapOpenObject2
LdapTypeToAdsTypeUTCTime
ReadServerSupportsIsADControl
LdapMemFree
LdapNextAttribute

kernel32

VirtualAlloc
GetFileAttributesExA
ReadFile
GetLastError
CreateEventA
GetFileTime
CallNamedPipeA
LeaveCriticalSection
WaitForMultipleObjects
InitializeCriticalSection
ReadFileScatter
HeapCreate
EnterCriticalSection
ExitProcess
HeapDestroy
GetProcessHeap
FileTimeToDosDateTime
FileTimeToSystemTime
SetFilePointer
InterlockedCompareExchange
HeapSize
CreateNamedPipeA
GetNamedPipeInfo
FileTimeToLocalFileTime
HeapFree
CreateFileA
HeapQueryInformation
OpenEventA
CloseHandle
SetEvent
HeapAlloc
SetEnvironmentVariableA
GetStringTypeA
VirtualFree
ConnectNamedPipe
GetStringTypeExA

user32

DefWindowProcA
CreateWindowExA
SendMessageA
EndPaint
ShowWindow
GetMessageA
UpdateWindow
DispatchMessageA
RegisterClassA
DestroyWindow
TranslateMessage
BeginPaint

Sections

.text
Size: 943KB - Virtual size: 943KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abc03cb9e9bd2dadf97310d70013c1ad

Headers

DLL Characteristics

File Characteristics

Imports

adsldpc

kernel32

user32

Sections

.text Size: 943KB - Virtual size: 943KB

.data Size: 94KB - Virtual size: 94KB

.rsrc Size: 95KB - Virtual size: 3.2MB

.text
Size: 943KB - Virtual size: 943KB

.data
Size: 94KB - Virtual size: 94KB

.rsrc
Size: 95KB - Virtual size: 3.2MB