74696a0bea7c319a1175a34d94025e8c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

74696a0bea7c319a1175a34d94025e8c_JaffaCakes118
Size

86KB
MD5

74696a0bea7c319a1175a34d94025e8c
SHA1

58986099b2bae162684bc01dd67c0cedb694c10f
SHA256

567c3ac8e5cad45071b2455620b59f0ee6033a040b4452ef36745fadc67d07e6
SHA512

b1cbb74977dd8789a1e4fb85424b34b9f41409c7fd0b6bef9c0c73d37da0fbaa1cbae630a00d88d489c9ef4ba7bd5cdae66642139e8897fcd1904a31fecb49dd
SSDEEP

1536:V1ErTzPjboQP/1zdFOjY2+OoxYoEg9akk2JGbW4TyvKe1MRPpAL4+3X+uawd8WAf:MrTHEQPZAY2+5eoP9akk2JUJyl1A2k+W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74696a0bea7c319a1175a34d94025e8c_JaffaCakes118

Files

74696a0bea7c319a1175a34d94025e8c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c15b212eb2591b40a8fa4d20be9d6688

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

odbcconf

DllCanUnloadNow
RunDLL32_UnregisterApplication
AppRegEnum
QueryApplication
SetSilent
DllGetClassObject
SetActionEnum
ExecuteAction
OpenAppRegEnum
SetActionLogModeSz
RegisterApplication
RefreshAppRegEnum
SetActionLogFile
DllRegisterServer
UnregisterApplication
SetActionLogMode
CloseAppRegEnum
RunDLL32_RegisterApplication
SetActionName
DllUnregisterServer

advapi32

SetServiceBits
LsaAddPrivilegesToAccount
AddAuditAccessAceEx
SystemFunction027
CredWriteW
ConvertSecurityDescriptorToAccessNamedW
SetEntriesInAuditListW
GetAce
SystemFunction019
GetSecurityDescriptorGroup
SystemFunction011
SaferiRecordEventLogEntry
GetLocalManagedApplications
RegQueryInfoKeyA
RegDisablePredefinedCache
LsaLookupPrivilegeValue

rpcrt4

RpcStringFreeW
I_RpcConnectionInqSockBuffSize
SimpleTypeBufferSize
RpcSmSetClientAllocFree
I_RpcGetExtendedError
RpcEpRegisterW
RpcSsContextLockShared
MIDL_wchar_strcpy
NdrFullPointerXlatFree
NdrServerInitializePartial
NdrStubInitialize
NdrNsGetBuffer
RpcServerInqIf
NdrConformantVaryingStructUnmarshall
NdrGetDcomProtocolVersion
NdrUserMarshalMemorySize
NdrFullPointerInsertRefId
NdrComplexStructMemorySize
NdrConformantStructMarshall
NdrEncapsulatedUnionMemorySize

ntdll

cos
NtEnumerateKey
NtReadFile
ZwQuerySystemTime
LdrSetAppCompatDllRedirectionCallback
NtGetDevicePowerState
NtCreateEvent
RtlDestroyHandleTable
LdrInitShimEngineDynamic
RtlFindLongestRunClear

kernel32

GetWindowsDirectoryA
OutputDebugStringA
QueryPerformanceCounter
PrivCopyFileExW
ReadConsoleA
GetStartupInfoA
GetPrivateProfileStructW
WriteConsoleInputVDMW
GetCurrentThreadId
Thread32First
EndUpdateResourceW
GlobalAddAtomA
MapUserPhysicalPagesScatter
GetConsoleNlsMode
SetConsoleCursorInfo
GetCurrentProcessId
IsSystemResumeAutomatic
GetSystemTimeAsFileTime
GetFileTime
GetTickCount
LoadLibraryA
WriteConsoleOutputAttribute
GetModuleHandleW
SetConsoleFont
VirtualAlloc

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c15b212eb2591b40a8fa4d20be9d6688

Headers

DLL Characteristics

File Characteristics

Imports

odbcconf

advapi32

rpcrt4

ntdll

kernel32

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 19KB - Virtual size: 54KB

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 512B - Virtual size: 288B

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 19KB - Virtual size: 54KB

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 512B - Virtual size: 288B