2d66fffbd934ca631be00e3aeabe3679_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d66fffbd934ca631be00e3aeabe3679_JaffaCakes118
Size

39KB
MD5

2d66fffbd934ca631be00e3aeabe3679
SHA1

6b1200db18307cc94b994707254a6397207501fd
SHA256

bde177bd5bf1461b6f4f38fadda974c11fc0a66121128bfbaae6ed1db82e10c3
SHA512

7c63a07b658544a4d0e7e7f7c2a7a5fd73c134580690016e7dc8273760804641f96e3f25c474dc79c276dff527d5694ca945f9da7d6a77895ad1f80dcf4394e6
SSDEEP

768:kyiqVFjr/7OVRdRd1pTc2xP4eTtEc6JswKN5EPVLbvM9P0tITsWmKCOWAUr1:D9jfOVR/DXcKNCdLjMxbfmKCOWAU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d66fffbd934ca631be00e3aeabe3679_JaffaCakes118

Files

2d66fffbd934ca631be00e3aeabe3679_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3265c6d5c766001c611ca8f45d62e708

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
CommConfigDialogA
ConnectNamedPipe
FindAtomA
GetProcAddress
AllocConsole
GetSystemDefaultLangID
GetStringTypeA
SetHandleInformation
FindFirstChangeNotificationA
GetExitCodeThread
OpenMutexA
GetFileAttributesExA
QueueUserWorkItem
GetLocaleInfoA
GetSystemPowerStatus
GlobalDeleteAtom
GetDriveTypeA
WriteConsoleOutputAttribute
SetCurrentDirectoryA
IsBadWritePtr
IsBadStringPtrA
SetUnhandledExceptionFilter
WriteConsoleOutputCharacterA
OpenFileMappingA
GetCurrentProcessId
GetThreadLocale
OpenEventA
GetConsoleTitleA
FreeConsole
_lread
GetFileSizeEx
SetThreadLocale
SetWaitableTimer
GetProfileIntA
GetNumberFormatA
ExitProcess
CloseHandle
GetFileSize
GetCommandLineA
TerminateProcess
GetComputerNameA
GetConsoleMode
GetEnvironmentVariableA
WriteConsoleOutputCharacterW
SetConsoleWindowInfo
GetConsoleWindow
ReleaseSemaphore
DisableThreadLibraryCalls
DefineDosDeviceA
GetWindowsDirectoryA
CreateFileMappingA
TransmitCommChar
GetCompressedFileSizeA
GetConsoleAliasExesA
GetVolumeNameForVolumeMountPointA
GetDiskFreeSpaceExA
BeginUpdateResourceA
SetTapePosition
CallNamedPipeA
EnumTimeFormatsA
ReadConsoleOutputCharacterA
ReadConsoleInputA
SetCalendarInfoA
FreeConsole
GetPrivateProfileSectionNamesA
GetPrivateProfileStructA
VirtualAlloc
GetAtomNameA
RegisterWaitForSingleObjectEx
RemoveDirectoryA
GetUserDefaultLangID
GetCPInfoExA
GetCPInfo
PeekConsoleInputA
RaiseException
SetCommTimeouts
lstrcpynA
GetCommTimeouts
SetConsoleHardwareState
SetFilePointerEx
GetTempPathA
MapUserPhysicalPages
GetLocaleInfoA
CloseConsoleHandle
WinExec
GlobalGetAtomNameA
WriteProcessMemory
GetCurrentDirectoryA
ReadFile
GetProfileSectionA
LoadLibraryExA
GetProcessPriorityBoost
FreeResource
GetStdHandle
MapViewOfFileEx
CopyFileA
SetDllDirectoryA
HeapUnlock
GetTapeParameters
LocalReAlloc
DeleteTimerQueue
SetConsoleMode
UnmapViewOfFile
LocalFileTimeToFileTime

d3d8

ValidatePixelShader
ValidateVertexShader

dhcpsapi

DhcpDeleteServer

Exports

Exports

Ynbjdulacac
CreateQspjcuqpba

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3265c6d5c766001c611ca8f45d62e708

Headers

File Characteristics

Imports

kernel32

d3d8

dhcpsapi

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 20KB - Virtual size: 334KB

.idata Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 116B

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 20KB - Virtual size: 334KB

.idata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 116B

.rsrc
Size: 2KB - Virtual size: 2KB