685097e1b9d2125aa71215d43fc8c9c1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

685097e1b9d2125aa71215d43fc8c9c1_JaffaCakes118
Size

339KB
MD5

685097e1b9d2125aa71215d43fc8c9c1
SHA1

5a68589b5afa641074e27abbe77f6167a3df9db1
SHA256

c73075648a4e461ff2773caa2b9ab7d69a2243e641ccc14065761227726a88f6
SHA512

e67d456dd4cb68aa70b74c3a659382e5397623696637e037254cd8a42ff8cc734275733587d872901ea6b26cb65756508d37bdb02af607327023aeab1cb2fbc9
SSDEEP

6144:QtYYMoJIZXbj96z74twsNJtQW4M0OJJKD5MTASqzHbF1353tqZBQ/AxHdEdJJQ3+:aPOZXbjA/GwsVQaXJq0iDv5AvQ/Ax2JX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
685097e1b9d2125aa71215d43fc8c9c1_JaffaCakes118

Files

685097e1b9d2125aa71215d43fc8c9c1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5a3ff3e42705a220dfc3d5ba55bf5ec1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

atl

AtlAxCreateDialogW
DllCanUnloadNow
AtlDevModeW2A
AtlIPersistPropertyBag_Load
AtlAxDialogBoxA
AtlModuleInit
AtlCreateTargetDC
AtlComQIPtrAssign
AtlModuleRevokeClassObjects
AtlModuleUnregisterServer
AtlAxCreateControl
AtlAxDialogBoxW
AtlUnmarshalPtr
AtlAxWinInit
AtlIPersistStreamInit_Save
AtlPixelToHiMetric
AtlModuleLoadTypeLib
AtlAxGetHost
AtlIPersistPropertyBag_Save
AtlModuleAddCreateWndData
AtlModuleRegisterClassObjects
AtlRegisterClassCategoriesHelper
AtlModuleUnRegisterTypeLib
AtlFreeMarshalStream
AtlWaitWithMessageLoop
AtlAxCreateDialogA
AtlModuleRegisterWndClassInfoW
AtlHiMetricToPixel

kernel32

GetCurrentThreadId
LZStart
SetFileTime
QueryPerformanceCounter
CreateMutexA
GetConsoleNlsMode
TransmitCommChar
GetTempFileNameW
LoadLibraryA
SetEnvironmentVariableA
GetConsoleCommandHistoryW
GetStartupInfoW
WaitForMultipleObjectsEx
GetTickCount
RequestWakeupLatency
MoveFileWithProgressW
SetCommState
HeapCompact
GlobalAddAtomW
CreateSemaphoreW
GetThreadPriority
GetNamedPipeInfo
SetConsoleDisplayMode
GlobalMemoryStatusEx
VirtualFree
LocalUnlock
OpenFileMappingW
SetConsoleNlsMode
VerSetConditionMask
VirtualAlloc
ConsoleMenuControl
GetConsoleFontSize
SetConsoleInputExeNameA
GetCurrentProcessId
GetProcessAffinityMask
VerLanguageNameA
GetTimeZoneInformation
CreateDirectoryA
GetConsoleProcessList
BaseCleanupAppcompatCacheSupport
WriteConsoleA
RtlCaptureContext
GetDiskFreeSpaceW
SetConsoleCursorMode
SetConsoleScreenBufferSize
VirtualQueryEx
FindFirstVolumeMountPointW
GetConsoleAliasA
EnumUILanguagesA
GetGeoInfoA
GetModuleHandleW
ExpungeConsoleCommandHistoryA

winmm

mixerClose
mxd32Message
WOW32ResolveMultiMediaHandle
waveOutPause
mixerMessage
mciSendStringA
timeBeginPeriod
midiInClose
waveOutRestart
mciSetDriverData
mciGetYieldProc
waveOutGetPosition
timeEndPeriod
mixerGetDevCapsA
midiStreamPause
waveOutSetPitch
midiOutUnprepareHeader
mciSendCommandA
CloseDriver
joy32Message
midiStreamStop
joyGetDevCapsW
timeKillEvent
mmioRenameA
mmioFlush
joyGetThreshold
midiDisconnect

crtdll

_fileinfo_dll
isdigit
fprintf
_controlfp
_pclose
_stat
??2@YAPAXI@Z
_get_osfhandle
fputwc
_cpumode_dll
_access
_timezone_dll
_CIfmod
_mbsninc
_vsnwprintf
ldexp
_fcvt
ldiv
_stricoll
vfwprintf
mbstowcs
strcspn
localtime
wcsxfrm
fread
_wcsnset
_mbsinc
_wtol

wldap32

ldap_addW
ldap_compare_ext_sW
ldap_sasl_bind_sW
ldap_modrdn2_sW
ldap_compare_ext
ldap_next_attributeW
ldap_parse_page_controlA
ldap_compareA
ldap_connect
ldap_rename_extA
ldap_create_sort_control
ldap_set_optionA
ldap_get_optionW
ldap_search_extW
ldap_modrdn2A
ldap_dn2ufn
ldap_free_controlsA
ldap_extended_operation
ldap_parse_sort_control
ldap_err2string
ldap_search_sW
ldap_result

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 246KB - Virtual size: 659KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a3ff3e42705a220dfc3d5ba55bf5ec1

Headers

File Characteristics

Imports

atl

kernel32

winmm

crtdll

wldap32

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 246KB - Virtual size: 659KB

.tls Size: 512B - Virtual size: 4B

.rsrc Size: 35KB - Virtual size: 34KB

.reloc Size: 512B - Virtual size: 348B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 246KB - Virtual size: 659KB

.tls
Size: 512B - Virtual size: 4B

.rsrc
Size: 35KB - Virtual size: 34KB

.reloc
Size: 512B - Virtual size: 348B