19d7aa9a9e5c5f5c3f8866d37a2a5b65_JaffaCakes118

General

Target

19d7aa9a9e5c5f5c3f8866d37a2a5b65_JaffaCakes118
Size

19KB
MD5

19d7aa9a9e5c5f5c3f8866d37a2a5b65
SHA1

d3c4fae076515bb05ee570a93c22db0b665dcadc
SHA256

4501669e450afd7e7b8336b97d85692821f3ad29829ceafee0e10f6a3846ba8d
SHA512

549f42ce82c8d0c258b99e548ed1bdd47957d679018657710449a422e9af93198bbec9cfdf518a9b1b1ba681a9ce19242a3699152c419f0bf90e3068cc6a6734
SSDEEP

384:bthFiYz4hQ4fCb73mdIqBi7vl9z9thHZVyaU:RT3VQI2ddBw9zftZnU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19d7aa9a9e5c5f5c3f8866d37a2a5b65_JaffaCakes118

Files

19d7aa9a9e5c5f5c3f8866d37a2a5b65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d7dd6cfcb3bb52b06a3216077ca1daa1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
GetVolumeNameForVolumeMountPointA
UpdateResourceA
GetTimeFormatA
GetProcessVersion
GetLogicalDriveStringsA
GetModuleFileNameA
OpenWaitableTimerA
SetDefaultCommConfigA
VirtualAllocEx
EnumSystemLocalesA
GetConsoleTitleA
SetConsoleInputExeNameA
DisableThreadLibraryCalls
ReadConsoleA

odbc32

SQLCancel

crypt32

CertFreeCRLContext

dhcpcsvc

DhcpUndoRequestParams

user32

CreateWindowExA
GetKeyboardLayoutNameA
SetInternalWindowPos
GetAncestor
GetDoubleClickTime
OpenDesktopA
EnableWindow
GetNextDlgTabItem
TranslateAcceleratorA
DestroyReasons
DeregisterShellHookWindow
GetPropA
ScrollWindowEx

advapi32

AddAce
GetAce

authz

AuthzOpenObjectAudit

Exports

Exports

CreateFulqgoionk
Wgvyejjhyp
Vnbqbmn
BeginUhaldpmocak
Txiavbg
CloseQkawqgkhoc
WriteGlpjmwlhhy
OpenJdsgdqnk
CloseDnobrgdso
ReadPenosqnhjm
SetLydsoled
IsTwrgatonxm
WritePndunqacl
OpenGcrkobi
Ewpaiqgg
CloseHmvbiacdi
EndTjucsneny
EndWrshtwnl

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7dd6cfcb3bb52b06a3216077ca1daa1

Headers

File Characteristics

Imports

kernel32

odbc32

crypt32

dhcpcsvc

user32

advapi32

authz

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 5KB - Virtual size: 22KB

.data Size: 1024B - Virtual size: 600B

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 872B

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 5KB - Virtual size: 22KB

.data
Size: 1024B - Virtual size: 600B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 872B