40e5e6693ff7fc14ff95a4e1a6152bee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40e5e6693ff7fc14ff95a4e1a6152bee_JaffaCakes118
Size

825KB
MD5

40e5e6693ff7fc14ff95a4e1a6152bee
SHA1

e12e2815969782e1ce0fd4ce567571a43b984a96
SHA256

cf1ddef761d6d122ce4648daeda987786620ea5537746762e39dc6feb9c64741
SHA512

68dcd40ee0bcadf8b4786e3f66f1f8489e93b02e3ffc0d02f935b276c17b5f75910e095b303b345de1ff9faad8a3aba0f204b77abc96e27090b80cb7fb24eb4a
SSDEEP

12288:m84gOrxu7JbFAODaEhT204vnJk4BbM8M0Ap1OKkJfYRR1Ad+dL8HImrE:/c1GRNGc4f6U4j9GfYR72KL8H9g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40e5e6693ff7fc14ff95a4e1a6152bee_JaffaCakes118

Files

40e5e6693ff7fc14ff95a4e1a6152bee_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fbb22b24041c0c107a5f77af2f6f329b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winscard

g_rgSCardT1Pci
SCardForgetReaderW
SCardGetCardTypeProviderNameW
SCardEndTransaction
SCardStatusA
SCardConnectA
SCardLocateCardsA
SCardReconnect
SCardConnectW
SCardBeginTransaction
SCardFreeMemory
SCardListReadersW
SCardLocateCardsW
SCardGetStatusChangeW
SCardStatusW
SCardIntroduceReaderW
SCardGetProviderIdA
SCardGetAttrib
SCardForgetReaderGroupA
SCardListCardsW
SCardAddReaderToGroupA
SCardReleaseNewReaderEvent
SCardListInterfacesW
SCardReleaseStartedEvent
SCardAddReaderToGroupW

kernel32

SetInformationJobObject
IsBadStringPtrW
UpdateResourceA
LZCloseFile
GetSystemTimeAdjustment
GetStartupInfoA
GetCalendarInfoW
LZClose
TlsAlloc
EnterCriticalSection
LZStart
CreateMutexW
SetNamedPipeHandleState
GetFileTime
LoadLibraryA
DnsHostnameToComputerNameW
QueryDosDeviceW
ConvertFiberToThread
VirtualAlloc
MapViewOfFile
Thread32First
IsBadStringPtrA
WriteConsoleOutputCharacterA
WriteProfileSectionA
GetProfileIntW
LocalSize
GetExitCodeThread
GetSystemDefaultLangID
GetFullPathNameA
GetFileAttributesW

gdi32

GdiEntry8
GdiEntry9
ColorMatchToTarget
EngUnicodeToMultiByteN
GdiEntry10
ResetDCA
RemoveFontResourceTracking
RestoreDC
PolylineTo
SetBrushAttributes
SelectBrushLocal
EnumObjects
GetBkMode
GdiGetCodePage
CreateEnhMetaFileA
GetEnhMetaFileHeader
GetEUDCTimeStampExW
Escape
ExtEscape
SetVirtualResolution
DdEntry39
GdiEntry7

activeds

PropVariantToAdsType
ConvertSecDescriptorToVariant
ADsDecodeBinaryData
ADsSetLastError
FreeADsMem
AdsTypeToPropVariant2
DllGetClassObject
ADsEnumerateNext
ReallocADsStr
ADsGetLastError
SecurityDescriptorToBinarySD
DllCanUnloadNow
ADsBuildVarArrayStr
ADsFreeEnumerator
ADsBuildEnumerator
ADsEncodeBinaryData
AdsTypeToPropVariant
AllocADsStr
ReallocADsMem
AdsFreeAdsValues
PropVariantToAdsType2
AllocADsMem
FreeADsStr
ADsGetObject
ADsBuildVarArrayInt
ADsOpenObject
BinarySDToSecurityDescriptor
ConvertSecurityDescriptorToSecDes

msvcrt40

__p___mb_cur_max
??_7logic_error@@6B@
wcsncat
??_Gbad_typeid@@UAEPAXI@Z
feof
__p__winmajor
_strncoll
_ismbcsymbol
?adjustfield@ios@@2JB
_fputwchar
_sys_errlist
_pwctype
_y0
?unbuffered@streambuf@@IBEHXZ
?attach@fstream@@QAEXH@Z
__setusermatherr
_read
_endthreadex
fgetws
_sleep

imagehlp

SymEnumerateModules
MapDebugInformation
SymGetSymPrev
UnDecorateSymbolName
SymGetLinePrev64
SymGetSearchPath
EnumerateLoadedModules
ImageEnumerateCertificates
ImageGetDigestStream
ImageDirectoryEntryToData
SymUnloadModule
FindDebugInfoFile
ImageNtHeader
MapFileAndCheckSumW
ImageGetCertificateHeader
SymEnumerateSymbols
SymGetSymPrev64
SymGetLineNext
GetTimestampForLoadedLibrary
ImageUnload
SymGetTypeFromName
ImageAddCertificate
SymInitialize

clb

ClbAddData
ClbWndProc
CustomControlInfoW
ClbSetColumnWidths
ClbStyleW

msvcrt20

_execv
_safe_fprem
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
iswascii
_mbsupr
_gcvt
isspace
strcoll
$I10_OUTPUT
_adj_fpatan
strrchr
_adj_fptan
_tcschr
_winminor
?oct@@YAAAVios@@AAV1@@Z
_msize
cosh
?write@ostream@@QAEAAV1@PBDH@Z
wcscspn
putc
_ultoa

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 565KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbb22b24041c0c107a5f77af2f6f329b

Headers

DLL Characteristics

File Characteristics

Imports

winscard

kernel32

gdi32

activeds

msvcrt40

imagehlp

clb

msvcrt20

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 224KB - Virtual size: 224KB

.data Size: 565KB - Virtual size: 1.9MB

.tls Size: 512B - Virtual size: 4B

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 340B

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 224KB - Virtual size: 224KB

.data
Size: 565KB - Virtual size: 1.9MB

.tls
Size: 512B - Virtual size: 4B

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 340B