Static task
static1
Behavioral task
behavioral1
Sample
74096ff93ccc1ff8b9eadf107a4b322a_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
74096ff93ccc1ff8b9eadf107a4b322a_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
74096ff93ccc1ff8b9eadf107a4b322a_JaffaCakes118
Size
171KB
MD5
74096ff93ccc1ff8b9eadf107a4b322a
SHA1
d51d3ee133b3033bb8f1eb282a454bef1281a111
SHA256
d8db3e566aaf8a67e71085f2370bec302f8009ac0013a9489953fda34d6cec8c
SHA512
99a53b42f3d3e3c248195101f3967f3f3982defb68e1d3d0c9156c8ed8c8bc3e5bc272cc5fa7920002853c7672608c8ef6aa95e85a9a0bd41780a3dcc414c8aa
SSDEEP
3072:446Qc1MuZ194IW03//cHadqDEkEQqCQcVvMKlOJbThYFS9/QiFf2:4Yc1M03/N/4a8DEkEQ5vUXhYE9/Qi
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 74096ff93ccc1ff8b9eadf107a4b322a_JaffaCakes118
Files
74096ff93ccc1ff8b9eadf107a4b322a_JaffaCakes118.exe windows:5 windows x86 arch:x86
b8c5a820a0684d29d1e10134dc5788e8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
adsldpc
ADsGetLastError
ReallocADsMem
AllocADsMem
AllocADsStr
ADsSetLastError
FreeADsStr
FreeADsMem
ConvertSidToU2Trustee
GetDomainDNSNameForDomain
ConvertU2TrusteeToSid
ConvertSidToString
ole32
CoInitialize
CLSIDFromString
MkParseDisplayName
CreateBindCtx
CreatePointerMoniker
CoTaskMemAlloc
StringFromGUID2
CoGetMalloc
CoTaskMemFree
CLSIDFromProgID
StringFromCLSID
CoCreateInstance
kernel32
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetVersionExW
VirtualAlloc
LeaveCriticalSection
SetLastError
CompareStringW
GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetProcAddress
InterlockedDecrement
FreeLibrary
lstrlenW
LocalAlloc
FormatMessageW
GetCurrentThreadId
GetUserDefaultLCID
TerminateProcess
EnterCriticalSection
LocalFree
GetCurrentProcess
LoadLibraryW
GetTickCount
GetCurrentProcessId
GetCurrentThread
DeleteCriticalSection
GetSystemDirectoryW
CloseHandle
QueryPerformanceCounter
InterlockedIncrement
Sleep
wsnmp32
SnmpGetTimeout
advapi32
LsaFreeMemory
GetSidIdentifierAuthority
GetAclInformation
SetSecurityDescriptorDacl
LsaClose
GetLengthSid
RegOpenKeyExW
LsaLookupSids
LsaOpenPolicy
OpenProcessToken
RegEnumKeyExW
GetSecurityDescriptorDacl
LookupAccountNameW
GetSecurityDescriptorGroup
SetFileSecurityW
GetSecurityDescriptorControl
SystemFunction040
RegConnectRegistryW
GetAce
RegGetKeySecurity
GetFileSecurityW
RegCloseKey
SetSecurityDescriptorGroup
OpenThreadToken
RegDeleteKeyW
RevertToSelf
IsValidSid
InitializeAcl
GetSecurityDescriptorLength
InitializeSecurityDescriptor
AddAce
RegQueryValueExW
SetSecurityDescriptorSacl
RegSetKeySecurity
GetSecurityDescriptorSacl
RegCreateKeyExW
LookupAccountSidW
ImpersonateLoggedOnUser
LsaNtStatusToWinError
SystemFunction041
GetSecurityDescriptorOwner
MakeSelfRelativeSD
SetSecurityDescriptorOwner
RegSetValueExW
ConvertStringSidToSidW
mpr
WNetAddConnectionW
Sections
.text Size: 512B - Virtual size: 412B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 144KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 848KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ