27a5eff73192f50ba294029a102fd4ff_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

27a5eff73192f50ba294029a102fd4ff_JaffaCakes118
Size

83KB
MD5

27a5eff73192f50ba294029a102fd4ff
SHA1

47f5c4a0466556b77cf6e8c3903e5a66a86a499f
SHA256

57c6085b98874f64378f412c0491597df132adbf62dbda86e4bdef331bff3ca6
SHA512

ddfed471ac89334eb5986d8bf6d8b38c77390200fc89c626ac1f2331e8b876ed77f31f59f920167ebbc5d5995be84dce5a7af15d3a99173f943472483bb3efe5
SSDEEP

1536:A2vBmwBBSjHaO3XeQyb/EHgQXz//oDZIAtINzfAxJ4A06ZhMXn4s9LV:A2vBTCj1XBXz/ADZxHX4uW4sJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27a5eff73192f50ba294029a102fd4ff_JaffaCakes118

Files

27a5eff73192f50ba294029a102fd4ff_JaffaCakes118
.exe windows:5 windows x86 arch:x86

62a541098bdc9074f7484e638ab92112

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasClearConnectionStatistics
RasEnumConnectionsW
RasScriptTerm
RasSetEntryDialParamsW
RasSetCredentialsW
RasScriptSend
RasGetEapUserIdentityW
RasGetSubEntryPropertiesW
RasFreeEapUserIdentityA
RasDeleteSubEntryA
RasEnumConnectionsA
RasSetEapUserDataW
RasSetEntryDialParamsA
RasGetHport
RasValidateEntryNameW
RasSetAutodialParamA

setupapi

SetupDiRegisterDeviceInfo
SetupPromptForDiskW
SetupGetSourceInfoW
CM_Get_Device_ID_List_ExA
SetupDiGetSelectedDriverW
SetupQueryFileLogW
CM_Get_Next_Res_Des_Ex
CM_Get_Class_Name_ExA
pSetupGetInfSections
MyFree

kernel32

IsProcessInJob
BuildCommDCBW
GetCurrentProcessId
GetSystemTimeAsFileTime
GlobalAddAtomW
SetFilePointer
VirtualAlloc
GetTickCount
GetProcAddress
GetCurrentThreadId
GetEnvironmentStrings
CreateMutexW
GetUserDefaultLangID
LocalReAlloc
SetThreadUILanguage
UnregisterWait
QueryPerformanceCounter
DefineDosDeviceA
lstrcmpiA
AddConsoleAliasA
LoadLibraryA
GetComputerNameExW
CommConfigDialogW
GetModuleHandleW
SystemTimeToFileTime
GetThreadContext
HeapCreate

msvcp60

?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEAAV01@ABV01@@Z
?_Id_cnt@id@locale@std@@0HA
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
?conj@std@@YA?AV?$complex@M@1@ABV21@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?id@?$collate@G@std@@2V0locale@2@A
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
?sputbackc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62a541098bdc9074f7484e638ab92112

Headers

DLL Characteristics

File Characteristics

Imports

rasapi32

setupapi

kernel32

msvcp60

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 20KB - Virtual size: 80KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 252B

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 20KB - Virtual size: 80KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 252B