86687c66c3179127132e4bd778f09c0b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

86687c66c3179127132e4bd778f09c0b_JaffaCakes118
Size

86KB
MD5

86687c66c3179127132e4bd778f09c0b
SHA1

3b13fad2350761266d956c5109e252627a92536a
SHA256

dfd85a4b4153305f102b48112becf168d0a93f4df7a981d7bf937d0766d7eea9
SHA512

781c5f3577f162a23e2e7dfb46c8f4c26959863e895965f519a02e1e787f5d2e0dc1eb5de72fcdfa5e29d67294a63086938aa3d00b618dd355878084c6b62db5
SSDEEP

1536:qBE6CKafjwQ0ZAVhHttF7iecp01jylr5OhditRQByqxFMaGIyfkRXvw1jjOY:n6lafwZeHttF7opvlYFByMGIrbY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86687c66c3179127132e4bd778f09c0b_JaffaCakes118

Files

86687c66c3179127132e4bd778f09c0b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

54eec57a644bbc98b54bb1ab49cd8447

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

RpcErrorGetNumberOfRecords
NdrCorrelationInitialize
CStdStubBuffer_CountRefs
NdrConvert2
NdrConformantStructBufferSize
RpcServerUseAllProtseqsEx
NdrGetSimpleTypeBufferAlignment
I_RpcBindingIsClientLocal
NdrEncapsulatedUnionMemorySize
RpcEpUnregister
NdrServerCall
NdrConformantVaryingStructFree
NdrGetSimpleTypeMemorySize
I_RpcTransConnectionReallocPacket
RpcServerUseProtseqIfExW
I_RpcBindingToStaticStringBindingW
RpcBindingFree
NdrClientInitializeNew
SimpleTypeBufferSize
RpcServerInqBindings
RpcErrorGetNextRecord

setupapi

CM_Get_Class_Registry_PropertyA
SetupAddSectionToDiskSpaceListW
SetupDiEnumDeviceInterfaces
CM_Get_Class_Registry_PropertyW
pSetupStringTableDuplicate
SetupAddToSourceListW
CM_Request_Device_Eject_ExW
CM_Get_Global_State_Ex
CM_Register_Device_Driver_Ex
SetupGetFieldCount
SetupDiGetCustomDevicePropertyW
SetupAddSectionToDiskSpaceListA
pSetupEnablePrivilege
CM_Get_Res_Des_Data
SetupGetTargetPathA
CM_Get_First_Log_Conf
SetupDiSetClassInstallParamsW
SetupCommitFileQueueA
CM_Get_Class_Name_ExA
CM_Get_Device_ID_List_ExW
pSetupUnicodeToMultiByte
CM_Enumerate_EnumeratorsW
CM_Set_HW_Prof_FlagsW
SetupAdjustDiskSpaceListA
SetupCloseLog

gdi32

EngFindResource
DdEntry46
GetCharABCWidthsA
GdiPlayEMF
PATHOBJ_bEnumClipLines
GetTextCharset
GetRandomRgn
GetGlyphIndicesW
BRUSHOBJ_pvAllocRbrush
ExtFloodFill
XLATEOBJ_hGetColorTransform
CreateScalableFontResourceW
GdiConvertRegion
GdiComment
EndDoc
GetOutlineTextMetricsA
CreateICA
PolyPatBlt
FontIsLinked
SetMiterLimit
GetRegionData

kernel32

GetLogicalDrives
SetVDMCurrentDirectories
GetProfileSectionW
CreateIoCompletionPort
PurgeComm
Thread32First
GetCurrentThreadId
GetProcessShutdownParameters
QueryPerformanceCounter
WaitForSingleObject
GetStartupInfoA
IsWow64Process
GetSystemInfo
LoadLibraryA
LZCopy
FindFirstVolumeW
GetLastError
GetTickCount
Module32NextW
LZInit
HeapCreate
DeleteTimerQueueTimer
VirtualAlloc
CancelIo
GlobalGetAtomNameA
ExpungeConsoleCommandHistoryA
VerifyVersionInfoA
CreateMutexA
GetSystemTimeAsFileTime
GetCurrentProcessId
DebugActiveProcessStop
GetVolumeNameForVolumeMountPointA

msvcp60

??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$_Mpunct@D@std@@6B@
??_7?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
?underflow@?$basic_filebuf@GU?$char_traits@G@std@@@std@@MAEGXZ
_FEps
?sqrt@?$_Ctr@O@std@@SAOO@Z
?min@?$numeric_limits@_N@std@@SA_NXZ
??X?$_Complex_base@O@std@@QAEAAV01@ABO@Z
??1domain_error@std@@UAE@XZ
?_Init@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEXABV_Locinfo@2@@Z
??0?$numpunct@G@std@@QAE@I@Z
_Poly

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54eec57a644bbc98b54bb1ab49cd8447

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

setupapi

gdi32

kernel32

msvcp60

Sections

.text Size: 34KB - Virtual size: 33KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 18KB - Virtual size: 72KB

.rsrc Size: 21KB - Virtual size: 20KB

.reloc Size: 512B - Virtual size: 280B

.text
Size: 34KB - Virtual size: 33KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 18KB - Virtual size: 72KB

.rsrc
Size: 21KB - Virtual size: 20KB

.reloc
Size: 512B - Virtual size: 280B