45e0f272ee9482e32c4c4ab222817672_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45e0f272ee9482e32c4c4ab222817672_JaffaCakes118
Size

40KB
MD5

45e0f272ee9482e32c4c4ab222817672
SHA1

212308da33dcf9cd9b0f9e348f22c7e83306267f
SHA256

055c7a8a3eeadbb3d614bd491568280f14ad016381640ad9905c7c7c74d5279c
SHA512

7c478ade21c417cb86a6cd8ab3fb131ddcdbf3211e70eda1915e635f68762b89cf3e9b676bffe489bb3080c16304b7485cd80c0249b16bfd2fa58caaabd9426e
SSDEEP

768:aZoW8FCuAS1M6PdvGPzJC0dNSC6h8k2BRy3WthdZe0u79RQVMCc:aZoxFCuAd65A00dNSC6hOBRy3WtZe0K3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45e0f272ee9482e32c4c4ab222817672_JaffaCakes118

Files

45e0f272ee9482e32c4c4ab222817672_JaffaCakes118
.exe windows:5 windows x86 arch:x86

72d4a813084725e442cc688f2d8184c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalCompact
SetCriticalSectionSpinCount
WriteConsoleOutputA
EnumCalendarInfoExA
CreateFiberEx
FindActCtxSectionGuid
WritePrivateProfileStringW
GetConsoleAliasExesW
VDMConsoleOperation
SetComputerNameExW
SetTapeParameters
GlobalAddAtomW
FillConsoleOutputCharacterW
WritePrivateProfileSectionA
GetDriveTypeA
UnlockFileEx
GetSystemTimeAsFileTime
EnumCalendarInfoA
SetProcessWorkingSetSize
GetThreadLocale
QueueUserAPC
GlobalHandle
GetConsoleCursorMode
GetSystemWow64DirectoryW
SetComPlusPackageInstallStatus
CreateMailslotW
EnumSystemLanguageGroupsW
IsValidLanguageGroup
VerifyVersionInfoW
GlobalFindAtomA
WriteConsoleW
LZClose
HeapAlloc
FindNextVolumeMountPointA
CreateJobObjectW
LockResource
FindClose
SetConsoleMenuClose
LoadLibraryA
GetFullPathNameW
GlobalWire
CopyLZFile
FillConsoleOutputCharacterA
GlobalFlags
CreateHardLinkW
HeapCompact
RegisterConsoleIME
SearchPathW
GetTapePosition
RequestWakeupLatency
_hwrite
WaitForSingleObjectEx
InitAtomTable
SetCommConfig
HeapFree
GetVolumeInformationA
Module32NextW
VirtualQuery
FillConsoleOutputAttribute
GetFirmwareEnvironmentVariableA
SetNamedPipeHandleState
VirtualAlloc
GetLocaleInfoA
FindActCtxSectionStringA
GetWindowsDirectoryW
OpenJobObjectA
VirtualLock
GetConsoleKeyboardLayoutNameA
CreateNamedPipeA
CreateSocketHandle

comdlg32

PrintDlgW
ChooseFontA
PrintDlgA
GetSaveFileNameA
WantArrows
ReplaceTextA
LoadAlterBitmap
FindTextA
ChooseFontW
FindTextW
GetSaveFileNameW
ChooseColorW
ChooseColorA
dwLBSubclass
PrintDlgExA
CommDlgExtendedError
GetOpenFileNameA
GetOpenFileNameW
dwOKSubclass
GetFileTitleW
PrintDlgExW
GetFileTitleA
PageSetupDlgA
Ssync_ANSI_UNICODE_Struct_For_WOW
ReplaceTextW

samlib

SamCloseHandle
SamQuerySecurityObject
SamQueryInformationUser
SamLookupDomainInSamServer
SamRemoveMemberFromForeignDomain
SamQueryInformationDomain
SamSetSecurityObject
SamiChangeKeys
SamRemoveMultipleMembersFromAlias
SamOpenDomain
SamOpenAlias
SamSetInformationAlias
SamQueryInformationAlias
SamiChangePasswordUser2
SamSetInformationUser
SamSetMemberAttributesOfGroup
SamAddMultipleMembersToAlias
SamEnumerateAliasesInDomain
SamiSetDSRMPasswordOWF
SamEnumerateGroupsInDomain
SamConnect
SamFreeMemory
SamCreateGroupInDomain
SamGetMembersInAlias
SamiOemChangePasswordUser2
SamGetAliasMembership
SamCreateUserInDomain
SamiChangePasswordUser
SamiLmChangePasswordUser
SamAddMemberToAlias
SamTestPrivateFunctionsUser
SamShutdownSamServer
SamiSetDSRMPassword
SamOpenGroup
SamiEncryptPasswords

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72d4a813084725e442cc688f2d8184c1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

samlib

Sections

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 38KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 38KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B