3c77e5be90cd86188e108c19b30ef310_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c77e5be90cd86188e108c19b30ef310_JaffaCakes118
Size

855KB
MD5

3c77e5be90cd86188e108c19b30ef310
SHA1

a4cbc42d588d89da0e51b42f3498d2856c82aa63
SHA256

63b74229568c0566c5c868b217a3a9f2282978c09cb3b6705dc661c5ff30d7f8
SHA512

857b45c545d4f5b3761da9a373b29dc74fc5bbea5e73b1127d8b3cdf29b5b2adc7688ef5ab184f4e0d6af4c5861d828d48410fe4df25ad7026eff0c5b9b5c74a
SSDEEP

24576:IhniUXhSDSH4UkWgGJFFmi936QS5apaO:giU0DS0WgGbFmipMeaO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c77e5be90cd86188e108c19b30ef310_JaffaCakes118

Files

3c77e5be90cd86188e108c19b30ef310_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a416e23d5aa685beb093144a3bdfeec2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dsauth

StoreGetHandle
DhcpDsGetRoot
StoreEndSearch
DhcpDsGetAttribs
StoreInitHandle
StoreSetSearchSubTree
DhcpDsValidateService
StoreCleanupHandle
DhcpDsDelServer
DhcpDsCleanupDS
DhcpDsSetLists
DhcpAddServerDS
StoreSetSearchOneLevel
DhcpDsEnumServers
DhcpDsAddServer
StoreSearchGetNext
StoreBeginSearch
StoreCollectAttributes
StoreCreateObjectVA
DhcpDeleteServerDS
DhcpEnumServersDS
StoreDeleteObject
DhcpDsInitDS
DhcpDsGetLists

msvcrt

_wcsset
_pipe
_mbbtype
?raw_name@type_info@@QBEPBDXZ
fabs
??_Eexception@@UAEPAXI@Z
_callnewh
_mbsinc
atan2
_mktemp
swprintf
_cabs
_endthreadex
_getmbcp
_inpd

kernel32

SetCurrentDirectoryW
lstrlen
HeapSummary
GlobalFindAtomA
AddAtomA
GetFileType
VirtualFree
SetConsoleNumberOfCommandsA
SetConsoleOS2OemFormat
VirtualAlloc
SetCommBreak
_lopen
VerLanguageNameA
LoadLibraryA
GetStringTypeExA
CreateHardLinkA
IsValidCodePage
LZClose
GetDevicePowerState

user32

GetTabbedTextExtentA
GetUpdateRect
DdePostAdvise
DialogBoxIndirectParamAorW
GetClipboardFormatNameW
ScreenToClient
CopyIcon
EndDialog
DefWindowProcA
EnumDesktopWindows
SetDeskWallpaper
DefDlgProcW
GetClipCursor
IMPGetIMEA
SendMessageW
LookupIconIdFromDirectoryEx
SwapMouseButton
LoadImageW
GetCursorInfo
MapWindowPoints
GetOpenClipboardWindow
GetClassNameA
MessageBoxW
DialogBoxIndirectParamA

ole32

WdtpInterfacePointer_UserMarshal
EnableHookObject
HBRUSH_UserMarshal
OleConvertIStorageToOLESTREAMEx
CoInstall
CoCopyProxy
ReadClassStm
CreateClassMoniker
HWND_UserMarshal
StgCreateDocfile
SetErrorInfo
CoInitializeWOW
HICON_UserSize
CoGetInstanceFromIStorage
ReadClassStg
ReadFmtUserTypeStg
HMETAFILEPICT_UserFree
HMENU_UserFree
HBRUSH_UserFree
HICON_UserUnmarshal
DllDebugObjectRPCHook
STGMEDIUM_UserFree
GetErrorInfo
HACCEL_UserSize

nddeapi

NDdeIsValidAppTopicListA
NDdeSetShareSecurityW
NDdeTrustedShareEnumA
NDdeSetTrustedShareA
NDdeShareAddA
NDdeGetErrorStringA
NDdeShareGetInfoA
NDdeIsValidAppTopicListW
NDdeShareAddW
NDdeIsValidShareNameA
NDdeShareEnumW
NDdeSetShareSecurityA
NDdeSpecialCommandW
NDdeSpecialCommandA
NDdeGetShareSecurityA
NDdeShareDelA

shell32

SHGetMalloc

Sections

.text
Size: 755KB - Virtual size: 754KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a416e23d5aa685beb093144a3bdfeec2

Headers

DLL Characteristics

File Characteristics

Imports

dsauth

msvcrt

kernel32

user32

ole32

nddeapi

shell32

Sections

.text Size: 755KB - Virtual size: 754KB

.rdata Size: 91KB - Virtual size: 90KB

.data Size: 5KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 755KB - Virtual size: 754KB

.rdata
Size: 91KB - Virtual size: 90KB

.data
Size: 5KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB