68eac3f7dc3319152b4bffb3ee48e461_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

68eac3f7dc3319152b4bffb3ee48e461_JaffaCakes118
Size

870KB
MD5

68eac3f7dc3319152b4bffb3ee48e461
SHA1

c4936e5d077125efd642d736a66ccb391d54b93b
SHA256

f6f9173c0739f45c671b7842e4d47ab8db69e0163c19f6e14f5b92f137cbda1b
SHA512

6ac3fdc4b854bdeef8e6a7db1f874325a3cea317daa60951b25e876169c8202ba73bd4e1ae5f77f04f43cc519202b41fec6fdbbe232b132f15ff8259a46e0b9f
SSDEEP

24576:fUVu1bCTbytiyKnwAXGeLDuzL3qGQZoU2QsrsFjC:fr8Gt5Ltef/X2w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68eac3f7dc3319152b4bffb3ee48e461_JaffaCakes118

Files

68eac3f7dc3319152b4bffb3ee48e461_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2f39a0b818e27c4d0a75f7ea17df7d34

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumUILanguagesA
RemoveDirectoryA
ZombifyActCtx
SetUserGeoID
GetConsoleDisplayMode
GetCurrentDirectoryW
GetLocaleInfoW
SetThreadExecutionState
SetLastError
SetCriticalSectionSpinCount
GetNativeSystemInfo
GetConsoleAliasExesA
_lclose
GetConsoleScreenBufferInfo
GetThreadContext
GlobalAlloc
GetSystemDefaultLangID
DnsHostnameToComputerNameA
FreeEnvironmentStringsW
GetConsoleCursorMode
EnumResourceNamesW
SetThreadLocale
SetFileShortNameA
GetOEMCP
LocalAlloc
GlobalFindAtomA
ReadConsoleInputA
DeleteFileA
UTRegister
OpenWaitableTimerA
BeginUpdateResourceA
lstrcmpW
GetComputerNameA
HeapFree
SetConsoleDisplayMode
_hwrite
Heap32First
GetACP
VirtualAlloc
BaseFlushAppcompatCache
SetFileAttributesA
OutputDebugStringA
DebugActiveProcess
EnumUILanguagesW
SetCommState
ScrollConsoleScreenBufferW
GetNumaAvailableMemoryNode
GetCurrentThread
GetConsoleHardwareState
CloseProfileUserMapping
LoadLibraryA

utildll

GetSystemMessageA
SetupAsyncCdConfig
CachedGetUserFromSid
ElapsedTimeString
RegGetNetworkDeviceName
CalculateDiffTime
StrSdClass
GetSystemMessageW
QueryCurrentWinStation
CalculateElapsedTime
IsPartOfDomain
StrAsyncConnectState
GetUnknownString
StrSystemWaitReason
CompareElapsedTime
StrConnectState
StrProcessState
DateTimeString
ConfigureModem
HaveAnonymousUsersChanged
NetworkDeviceEnumerate
GetAssociatedPortName
WinEnumerateDevices
NetBIOSDeviceEnumerate
RegGetNetworkServiceName
GetUserFromSid
CtxGetAnyDCName
ParseDecoratedAsyncDeviceName
StandardErrorMessage
FormDecoratedAsyncDeviceName
EnumerateMultiUserServers

mapistub

PropCopyMore@16
FGetComponentPath@20
FPropContainsProp@12
LpValFindProp@12
MAPILogoff
MNLS_MultiByteToWideChar@24
HrDecomposeMsgID@24
MAPIUninitialize@0
MAPIFindNext
HrGetOmiProvidersFlags@8
FtSubFt@16
MNLS_lstrcmpW@8
ScMAPIXFromCMC
cmc_free
SzFindCh@8
FtNegFt@8
MAPIOpenLocalFormContainer
UNKOBJ_ScCOReallocate@12
ScCountProps@12
ChangeIdleRoutine@28
MAPIAdminProfiles
MAPIOpenFormMgr
MAPIGetDefaultMalloc@0
WrapCompressedRTFStream@12
UlAddRef@4
GetOutlookVersion
MAPILogonEx
LaunchWizard@20
MAPIDeinitIdle@0
WrapStoreEntryID@24
FPropCompareProp@12
HrSetOneProp@8
UNKOBJ_FreeRows@8
UFromSz@4
FBadPropTag@4
HrQueryAllRows@24
SwapPword@8
UNKOBJ_COFree@8
HexFromBin@12
UNKOBJ_ScCOAllocate@12
BMAPIReadMail
MAPIAllocateMore@12
BMAPIResolveName
MAPILogon

clusapi

SetClusterName
DeleteClusterGroup
GetClusterGroupKey
SetClusterNetworkPriorityOrder
GetClusterResourceNetworkName
ClusterGroupGetEnumCount
GetClusterFromNode
OpenClusterResource
SetClusterQuorumResource
GetClusterNetInterfaceKey
ClusterNodeOpenEnum
ChangeClusterResourceGroup
ClusterCloseEnum
ClusterResourceTypeGetEnumCount
GetClusterNetworkKey
ClusterRegEnumKey
GetClusterNodeState
SetClusterNetworkName
ClusterResourceTypeControl
GetClusterFromNetwork
EvictClusterNode
OfflineClusterResource
ClusterResourceControl
OpenCluster
CloseClusterNetwork
ClusterGetEnumCount
ClusterRegCloseKey
GetClusterNetInterfaceState
CloseCluster
GetClusterNetworkState
ClusterOpenEnum
ClusterResourceCloseEnum
ClusterResourceGetEnumCount
RegisterClusterNotify
BackupClusterDatabase
SetClusterGroupName
GetClusterNetInterface
OpenClusterNetInterface
ClusterGroupOpenEnum
CloseClusterGroup

Sections

.text
Size: 383KB - Virtual size: 383KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 351KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f39a0b818e27c4d0a75f7ea17df7d34

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

utildll

mapistub

clusapi

Sections

.text Size: 383KB - Virtual size: 383KB

.rdata Size: 351KB - Virtual size: 351KB

.data Size: 133KB - Virtual size: 1.5MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 383KB - Virtual size: 383KB

.rdata
Size: 351KB - Virtual size: 351KB

.data
Size: 133KB - Virtual size: 1.5MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1KB - Virtual size: 1KB