723b14be0dab9fdf41586caa2ce065c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

723b14be0dab9fdf41586caa2ce065c2_JaffaCakes118
Size

84KB
MD5

723b14be0dab9fdf41586caa2ce065c2
SHA1

2f4ad4f35ecade2e5749408a43f1a33811668c56
SHA256

8d3ee09e4ef2f23bf86c7a6620b0d8b1d7c00e8ba539c0885a55b23c79da08c3
SHA512

156f05e4caee5ce2854dcc7c0628aa1f16d67056d19f281047f79c5a964aaa792500ad4d798cc085d2f77b14b1f5ce9bf887105de75d684483d4c8ec65009bb0
SSDEEP

1536:Zbl3AvWYjNP1q0RANGCG3ezkBHcxwcDT0JWwIej5roj36TETvacFg:tlcvJt3RUG14QcxwR4wIqEZz6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
723b14be0dab9fdf41586caa2ce065c2_JaffaCakes118

Files

723b14be0dab9fdf41586caa2ce065c2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

84983bf77151acb26216a1d3580b343f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleKeyShortcuts
GlobalGetAtomNameW
GetSystemTimeAsFileTime
EraseTape
ReadConsoleOutputW
IsProcessInJob
LZClose
GetConsoleAliasExesW
LocalFlags
EnumResourceNamesW
CompareStringA
GetOEMCP
GetTickCount
GetCurrentThreadId
lstrcmpW
LZInit
GetComputerNameW
QueryPerformanceCounter
GetPrivateProfileStringA
SetupComm
GetCurrentProcessId
RtlCaptureContext
EnumResourceTypesW
FlushFileBuffers
GenerateConsoleCtrlEvent
InitAtomTable
LoadLibraryA
VirtualAlloc
ReplaceFileA
DeleteFileA
GetTapeStatus
EnumCalendarInfoExW
SetSystemTime
SetConsoleCursorPosition
GetNumaNodeProcessorMask
IsValidLocale

wininet

InternetCloseHandle
DeleteIE3Cache
InternetAutodialCallback
InternetGoOnlineW
FtpGetFileW
CreateUrlCacheContainerW
InternetCreateUrlW
PrivacyGetZonePreferenceW
GopherGetAttributeA
IsUrlCacheEntryExpiredA
GetUrlCacheEntryInfoA
FtpCommandW
InternetTimeFromSystemTimeW
FindCloseUrlCache
InternetSetStatusCallbackW
DeleteUrlCacheContainerA

msvcp60

?pbackfail@?$basic_filebuf@GU?$char_traits@G@std@@@std@@MAEGG@Z
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Pdif@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAIPBG0@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
??Nstd@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?signaling_NaN@?$numeric_limits@H@std@@SAHXZ
?replace@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PAG0PBG@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?infinity@?$numeric_limits@H@std@@SAHXZ
?_Cosh@?$_Ctr@O@std@@SAOOO@Z
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?compare@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEHABV12@@Z
?open@?$basic_fstream@GU?$char_traits@G@std@@@std@@QAEXPBDF@Z
?_Init@?$codecvt@GDH@std@@IAEXABV_Locinfo@2@@Z

ifsutil

?IsArcSystemPartition@IFS_SYSTEM@@SGEPBVWSTRING@@PAE@Z
?Add@NUMBER_SET@@QAEEVBIG_INT@@@Z
??0NUMBER_SET@@QAE@XZ
?QuerySize@TLINK@@QBEGXZ
?GetNextDataSlot@TLINK@@QAEAAVBIG_INT@@XZ
?Read@IO_DP_DRIVE@@QAEEVBIG_INT@@KPAX@Z
?AddDriveName@MOUNT_POINT_MAP@@QAEEPAVWSTRING@@0@Z
?SetSystemId@LOG_IO_DP_DRIVE@@QAEEE@Z
?RemoveAll@SPARSE_SET@@QAEEXZ
?ShellSort@TLINK@@QAEXXZ
?PushEntry@AUTOREG@@SGEPBVWSTRING@@@Z
?Initialize@INTSTACK@@QAEEXZ
?GetNext@TLINK@@QAEPAXPAX@Z
?IsFrontEndPresent@AUTOREG@@SGEPBVWSTRING@@0@Z
?Write@SECRUN@@UAEEXZ
?Initialize@TLINK@@QAEEG@Z
?Read@SECRUN@@UAEEXZ

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84983bf77151acb26216a1d3580b343f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

wininet

msvcp60

ifsutil

Sections

.text Size: 39KB - Virtual size: 39KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 20KB - Virtual size: 24KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 288B

.text
Size: 39KB - Virtual size: 39KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 20KB - Virtual size: 24KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 288B