833c89ee34b3e8ef50bbf66bc73a08c0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

833c89ee34b3e8ef50bbf66bc73a08c0_JaffaCakes118
Size

424KB
MD5

833c89ee34b3e8ef50bbf66bc73a08c0
SHA1

ef6d99cc43b0c745b89dfc0720668ee22e7f2b07
SHA256

826bf660e33f4e6191043ead1bd0394cd1ef893b3d25ff79a413d2fe189392b4
SHA512

909ae41a4de5467f6666163e9589d871a46a1e458dfc51083906cbe89327dd498b7bc28e052f594bd5e4ae15819f8dc95f1bbe341dff2d01776ddbb74bc48cc5
SSDEEP

12288:mhmMMnMMMMMaAZ2lsh7pvn0bGiq7mfZrkg:mwMMnMMMMMaDsh1vnRmx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
833c89ee34b3e8ef50bbf66bc73a08c0_JaffaCakes118

Files

833c89ee34b3e8ef50bbf66bc73a08c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b96f025b64970c091779df4d0249cec7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

samlib

SamiEncryptPasswords
SamRemoveMultipleMembersFromAlias
SamTestPrivateFunctionsUser
SamConnectWithCreds

kernel32

GetSystemDirectoryA
GlobalFree
CreateThread
GetUserDefaultLangID
SetEvent
RaiseException
GetSystemDefaultLangID
UnhandledExceptionFilter
GetCommandLineA
FindNextFileA
IsBadReadPtr
RtlUnwind
GetLastError
LoadLibraryExA
GlobalHandle
GetModuleFileNameW
GetModuleFileNameA
GetFileAttributesA
GetVersion
InitializeCriticalSection
ExitThread
LockResource
CompareStringW
CreateProcessA
GlobalLock
CreateProcessW
EnterCriticalSection
ExitProcess
CreateEventA
MoveFileA
GetSystemDefaultLCID
CloseHandle
MulDiv
UnlockFile
HeapCreate
GetEnvironmentStrings
GetStringTypeA
GetTempFileNameA
LCMapStringA
SystemTimeToFileTime
GetProfileStringA
WriteFile
GetFileType
GetFullPathNameA
GlobalUnlock
GetShortPathNameA
ResetEvent
GetEnvironmentStringsW
ResumeThread
GetStringTypeW
GetTickCount
HeapFree
HeapDestroy
lstrcpynA
HeapReAlloc
FreeResource
SetFileTime
FindFirstFileA
VirtualAlloc
GetStringTypeExA
TlsFree
GetFileTime
LoadLibraryA
_lwrite
SetLastError
IsBadCodePtr
GetExitCodeProcess
Sleep
GetTimeZoneInformation
GlobalAlloc
GetCurrentProcess
SetErrorMode
GetSystemInfo
CreateSemaphoreA
GetCurrentProcessId
FlushInstructionCache
ReadFile
WideCharToMultiByte
lstrcmpiA
SetCurrentDirectoryA
VirtualQuery
SetFileAttributesA
LoadResource
GlobalSize
lstrlenA
InterlockedDecrement
HeapAlloc
MultiByteToWideChar
FreeEnvironmentStringsA
GetCurrentThreadId
GetProcAddress
FreeLibrary
VirtualFree
FindResourceA
lstrcpyA
lstrcmpA
GetOEMCP
GetVersionExA
GetLocaleInfoA
DuplicateHandle
FreeEnvironmentStringsW
lstrcmpiW
GlobalAddAtomA
HeapSize
GetModuleHandleA
SearchPathA
TlsSetValue

msi

MsiConfigureFeatureW
MsiDatabaseCommit
MsiAdvertiseProductW

ddraw

DirectDrawEnumerateA

user32

CallMsgFilterA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b96f025b64970c091779df4d0249cec7

Headers

DLL Characteristics

File Characteristics

Imports

samlib

kernel32

msi

ddraw

user32

Sections

.text Size: 1KB - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 872KB

.reloc Size: 512B - Virtual size: 64B

.rdata Size: 35KB - Virtual size: 35KB

.rsrc Size: 358KB - Virtual size: 358KB

.text
Size: 1KB - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 872KB

.reloc
Size: 512B - Virtual size: 64B

.rdata
Size: 35KB - Virtual size: 35KB

.rsrc
Size: 358KB - Virtual size: 358KB