70db9a8aefb6a788f5af78c32cd6e20f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

70db9a8aefb6a788f5af78c32cd6e20f_JaffaCakes118
Size

356KB
MD5

70db9a8aefb6a788f5af78c32cd6e20f
SHA1

1bfaa72d978b8dc472f96580371202ce1c3c88f4
SHA256

f435eebdf54a2044f645748bbc1505b278d6e1eb95d7a61503ca8119c120f5e5
SHA512

6cb8a43dcae2bbe07d96b903d8484dd259efe8f548933e0d4aecd43457a3fa60842917e6723f8709425e4f2477cc8525ccdfc813b2cf9ecfcf7992f613de9cfc
SSDEEP

6144:V0SeXgTSEAMz0I9c7DbcLzff9Wqn4lMCMnXjzGY7dqqgaotfDCEq4p5kRsb7zTBy:aSfTf9zA7qRelMCMnXu8dYh9DCTkkR2U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70db9a8aefb6a788f5af78c32cd6e20f_JaffaCakes118

Files

70db9a8aefb6a788f5af78c32cd6e20f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

581a505a4e20b0f2108342c4e2caf48d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wmi

ControlTraceA
WmiMofEnumerateResourcesW
ControlTraceW
RegisterTraceGuidsA
WmiFileHandleToInstanceNameW
WmiFileHandleToInstanceNameA
WmiCloseBlock
WmiQueryAllDataW
WmiSetSingleInstanceW
WmiSetSingleItemA
QueryAllTracesW
TraceEventInstance
WmiSetSingleItemW
SetTraceCallback
WmiQuerySingleInstanceW
WmiDevInstToInstanceNameA
TraceEvent
WmiNotificationRegistrationA
WmiDevInstToInstanceNameW
RemoveTraceCallback
WmiEnumerateGuids
WmiQuerySingleInstanceA
EnableTrace

kernel32

WaitForSingleObject
WaitForDebugEvent
CommConfigDialogW
GetStartupInfoA
GetDiskFreeSpaceExW
GetCurrentDirectoryA
OpenEventA
FormatMessageA
LoadLibraryA
EnumSystemGeoID
MapUserPhysicalPagesScatter
RegisterConsoleVDM
CreateDirectoryExW
EnumUILanguagesW
AddLocalAlternateComputerNameA
OutputDebugStringA
HeapSize
GetCurrentThread
SleepEx
GetNumberFormatW
SwitchToFiber
GetCommState
SetTimeZoneInformation
SetSystemPowerState
VirtualAlloc
HeapCreate
ExitProcess
HeapCompact

ntdll

RtlSetUserValueHeap
NtTraceEvent
RtlCompressBuffer
RtlpWaitForCriticalSection
NtDeleteObjectAuditAlarm
RtlInitUnicodeStringEx
_strnicmp
_allshr
ZwQueryVirtualMemory
ZwMapViewOfSection
NtIsSystemResumeAutomatic
RtlUpperString
NtOpenSymbolicLinkObject
ZwSetThreadExecutionState
ZwDebugActiveProcess
ZwOpenThreadTokenEx
RtlSetThreadPoolStartFunc

duser

DUserSendEvent
DUserCastHandle
RegisterGadgetProperty
DUserSendMethod
FindStdColor
GetGadgetMessageFilter
SetGadgetScale
GetActionTimeslice
DUserRegisterStub
DUserPostMethod
GetMessageExA
SetGadgetFocus
DUserDeleteGadget
DllMain
SetGadgetRootInfo
UtilDrawOutlineRect
GetStdColorBrushF
FindGadgetMessages
DUserPostEvent

rtm

RtmGetInstanceInfo
RtmCreateEnumerationHandle
RtmGetNetworkCount
RtmHoldDestination
CheckTable
RtmGetRouteAge
RtmRegisterClient
RtmRegisterEntity
MgmDeleteGroupMembershipEntry
EnumOverTable
RtmWriteAddressFamilyConfig
RtmAddRoute
RtmCreateRouteListEnum
RtmBlockSetRouteEnable
RtmIsMarkedForChangeNotification
RtmGetEnumDests
MgmDeInitialize
RtmInsertInRouteList
MgmInitialize
RtmGetEntityInfo
RtmBlockMethods
BestMatchInTable

opengl32

glRasterPos2s
glIndexPointer
glCopyTexImage2D
glLightfv
glTexParameteriv
glClearDepth
glTexSubImage1D
glRasterPos3sv
glGetIntegerv
glVertex4f
glRasterPos2fv
glEvalCoord2d
wglChoosePixelFormat
glClearAccum
glMaterialiv
glIndexd
glMaterialfv
glGetMapiv
glColor4s
glTexCoord1fv
glIsEnabled

Sections

.text
Size: 342KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

581a505a4e20b0f2108342c4e2caf48d

Headers

DLL Characteristics

File Characteristics

Imports

wmi

kernel32

ntdll

duser

rtm

opengl32

Sections

.text Size: 342KB - Virtual size: 341KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1KB - Virtual size: 340KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 512B - Virtual size: 360B

.text
Size: 342KB - Virtual size: 341KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1KB - Virtual size: 340KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 512B - Virtual size: 360B