274f4c4ce68533ca8779ec7225294921_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

274f4c4ce68533ca8779ec7225294921_JaffaCakes118
Size

849KB
MD5

274f4c4ce68533ca8779ec7225294921
SHA1

d2e1388163f04a7545b416979a2e63a62d9c64cb
SHA256

9ba886a76b10ed94a47cdd9edbaeb7c790d40c59a8bda0ac8a0cf564c4f7fe15
SHA512

607f40c4053873f81b88585b01dc99124e231f7bac2d84e45b90c3e41fd0cf51d60fbc21d932dde291cf84359ab6e4a377ab32f7640c40efeec8857481c895ea
SSDEEP

24576:6Ntec6KDlwmXqCYTBTI3C/Tcl+5laV5OEfxQ66ruGiVsmPB9Dl/ix:Mv6CcTI3AViOQN6fwPB9Dl/i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
274f4c4ce68533ca8779ec7225294921_JaffaCakes118

Files

274f4c4ce68533ca8779ec7225294921_JaffaCakes118
.exe windows:5 windows x86 arch:x86

690564d7fdf8490deabbca78a88f118f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstanceEx
StgGetIFillLockBytesOnILockBytes
CoRegisterMessageFilter
HGLOBAL_UserUnmarshal
CoInitializeEx
HBRUSH_UserMarshal
OleFlushClipboard
CreateErrorInfo
OleLoad
CoGetMalloc
ComPs_NdrDllUnregisterProxy
OleCreateEmbeddingHelper
OleDuplicateData
UpdateDCOMSettings
HPALETTE_UserUnmarshal
OleCreateLinkToFile
FmtIdToPropStgName
HPALETTE_UserFree
OleCreateStaticFromData
CoCreateObjectInContext

oleaut32

VarUI8FromI1
VarUI8FromDisp
LoadRegTypeLib
VarUI4FromR8
VarAnd
SafeArrayGetElement
VarBstrCmp
VarUI8FromI8
VarDecFix
LPSAFEARRAY_Size
VarBoolFromI2
VarUI2FromI4
VarR8FromStr
VarCySub
VariantInit
VarFormatCurrency
VariantCopy
VarI8FromStr
VarDecFromBool
VarUI4FromUI1
VarCyFromI2

kernel32

TerminateJobObject
GetConsoleCommandHistoryW
SetSystemPowerState
SetNamedPipeHandleState
GetConsoleCommandHistoryLengthA
LockFile
GetTickCount
UTUnRegister
IsValidCodePage
EnumCalendarInfoA
LoadLibraryA
VirtualAlloc
GetCompressedFileSizeW
EnumSystemCodePagesA
SetCommBreak
SetUnhandledExceptionFilter
GetCommState
SetFileValidData
GetSystemWindowsDirectoryA
QueryDosDeviceW
EnumUILanguagesW

samlib

SamiEncryptPasswords
SamChangePasswordUser
SamGetAliasMembership
SamiOemChangePasswordUser2
SamOpenAlias
SamAddMultipleMembersToAlias
SamAddMemberToAlias
SamChangePasswordUser2
SamGetCompatibilityMode
SamEnumerateGroupsInDomain
SamConnectWithCreds
SamShutdownSamServer
SamSetMemberAttributesOfGroup
SamCloseHandle
SamiChangePasswordUser
SamiChangePasswordUser2
SamRemoveMemberFromGroup
SamSetInformationDomain
SamQueryInformationDomain
SamRemoveMemberFromAlias
SamConnect
SamOpenDomain
SamTestPrivateFunctionsUser
SamSetSecurityObject

Sections

.text
Size: 717KB - Virtual size: 716KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

690564d7fdf8490deabbca78a88f118f

Headers

DLL Characteristics

File Characteristics

Imports

ole32

oleaut32

kernel32

samlib

Sections

.text Size: 717KB - Virtual size: 716KB

.rdata Size: 124KB - Virtual size: 123KB

.data Size: 4KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 717KB - Virtual size: 716KB

.rdata
Size: 124KB - Virtual size: 123KB

.data
Size: 4KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB