35d47339bc7352f44b43186a24cf3119_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

35d47339bc7352f44b43186a24cf3119_JaffaCakes118
Size

45KB
MD5

35d47339bc7352f44b43186a24cf3119
SHA1

0a5b459ef391c5fb1f164e6ce8ca962fda591c3b
SHA256

df7253c4e64eba9d1f58c6f9ca94f8110999fcf996860e26d53890bbfad4721b
SHA512

d592303c8649ac2634bd38b89374e41e72f5cc19a6e97c8cfa861fc370360fd5b5f57484c136bee6f72094245073a832c435bd056099169096ed443cc8ffc382
SSDEEP

768:fvxDE252/vdIV4kl9ouFTunEd2GbNtzrPSTaOSAoXezQdcAG5VfBWzOBh9uw:JE4CEUGbNtvvAieYcAGDfBWaHIw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35d47339bc7352f44b43186a24cf3119_JaffaCakes118

Files

35d47339bc7352f44b43186a24cf3119_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dc5bd2cc4a9f0635ab09c145b0d3f781

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetPropertyDialogW
WNetGetPropertyTextW
WNetGetUniversalNameW
WNetCloseEnum
WNetFormatNetworkNameA
WNetGetConnectionW
WNetGetConnection3W
WNetGetLastErrorW
WNetGetNetworkInformationW
WNetPasswordChangeNotify
WNetGetResourceParentW
WNetGetResourceParentA
WNetGetHomeDirectoryW
WNetClearConnections
WNetGetSearchDialog
WNetGetProviderNameW
WNetUseConnectionA

msvcrt

??1bad_cast@@UAE@XZ
_CIlog
??_Ebad_cast@@UAEPAXI@Z
_ismbcl2
_CIacos
abs
__badioinfo
_mbschr
_control87
_strerror
_open
?terminate@@YAXXZ
_mbctolower
_ismbckata
_umask
??_V@YAXPAX@Z
_osplatform

kernel32

EnumCalendarInfoW
lstrcpyW
UnmapViewOfFile
CreateWaitableTimerA
RemoveLocalAlternateComputerNameA
SetFirmwareEnvironmentVariableA
DeleteFileA
GlobalFindAtomA
GetTapePosition
SetCalendarInfoA
SetStdHandle
CreateJobSet
GetProcessAffinityMask
RemoveLocalAlternateComputerNameW
ReleaseSemaphore
IsValidCodePage
LoadLibraryA
WriteTapemark
LZOpenFileA
SetDefaultCommConfigA
GetNamedPipeHandleStateW
VirtualAlloc

crtdll

strtok
_strncnt
_chdrive
_wtol
_fpieee_flt
_strrev
_rotl
iswdigit
fwrite
_mbsnicmp
_XcptFilter
_fileinfo_dll
_seterrormode
_msize
mbstowcs
_spawnv
rewind
_cgets
strxfrm
_ctype

user32

EndDialog
MessageBoxA

olepro32

OleCreateFontIndirect
OleTranslateColor
OleIconToCursor
OleCreatePropertyFrameIndirect
OleLoadPicture
OleCreatePictureIndirect
OleCreatePropertyFrame

shell32

SHGetMalloc

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc5bd2cc4a9f0635ab09c145b0d3f781

Headers

DLL Characteristics

File Characteristics

Imports

mpr

msvcrt

kernel32

crtdll

user32

olepro32

shell32

Sections

.text Size: 37KB - Virtual size: 37KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1KB - Virtual size: 31KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1KB - Virtual size: 31KB

.rsrc
Size: 1KB - Virtual size: 1KB