Static task
static1
Behavioral task
behavioral1
Sample
88da5d6d10e5e3b66b09304ef2dc4b79_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
88da5d6d10e5e3b66b09304ef2dc4b79_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: 88da5d6d10e5e3b66b09304ef2dc4b79_JaffaCakes118
Size: 171KB
MD5: 88da5d6d10e5e3b66b09304ef2dc4b79
SHA1: 5efd6848d376f6d352dbbad4f4ff0ae01e95ab2c
SHA256: 6fb6a990e692bf2ffc1ffdcb8362a848d14609412e352c7eae645bdda484264f
SHA512: 03ec78d1f3a4416b7df1f28c768e3053da87fa993cd37f7f3c098cc699b42a90f481031af8c3a699081e222ff63d7324657718d4257bea997843b413fe246daf
SSDEEP: 3072:6T/1VSY7SvwIyXDZbWGgLyRxfpAB8p8AdIKwNTKDz3euSVGyi8vxH5sd8:6T/kIFXlzgSxm+p8sIK/3fMGyNvF5s
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 88da5d6d10e5e3b66b09304ef2dc4b79_JaffaCakes118
Files
88da5d6d10e5e3b66b09304ef2dc4b79_JaffaCakes118.exe windows:5 windows x86 arch:x86
fa24d9ccb3cf079f4f42972a4196453a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
SetFileSecurityW
LsaFreeMemory
GetSecurityDescriptorLength
RevertToSelf
RegConnectRegistryW
LsaClose
LsaNtStatusToWinError
GetSecurityDescriptorOwner
RegDeleteKeyW
InitializeAcl
GetSecurityDescriptorControl
GetAclInformation
OpenThreadToken
AddAce
LsaLookupSids
GetAce
ImpersonateLoggedOnUser
RegCloseKey
GetSecurityDescriptorSacl
InitializeSecurityDescriptor
RegOpenKeyExW
GetSidIdentifierAuthority
SetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetLengthSid
ConvertStringSidToSidW
GetSecurityDescriptorDacl
RegEnumKeyExW
MakeSelfRelativeSD
LookupAccountNameW
RegGetKeySecurity
LookupAccountSidW
LsaOpenPolicy
SetSecurityDescriptorGroup
OpenProcessToken
RegSetValueExW
RegSetKeySecurity
GetFileSecurityW
RegQueryValueExW
SetSecurityDescriptorDacl
SystemFunction040
RegCreateKeyExW
SystemFunction041
SetSecurityDescriptorSacl
IsValidSid
adsldpc
GetDomainDNSNameForDomain
AllocADsStr
ConvertSidToString
ConvertU2TrusteeToSid
AllocADsMem
FreeADsMem
ADsGetLastError
ConvertSidToU2Trustee
FreeADsStr
ADsSetLastError
ReallocADsMem
wsnmp32
SnmpGetTimeout
kernel32
SetUnhandledExceptionFilter
SetLastError
GetCurrentProcess
UnhandledExceptionFilter
LocalFree
CloseHandle
LocalAlloc
GetUserDefaultLCID
GetVersionExW
DisableThreadLibraryCalls
Sleep
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
TerminateProcess
InterlockedDecrement
GetTickCount
InterlockedIncrement
CompareStringW
GetCurrentThread
lstrlenW
QueryPerformanceCounter
GetCurrentThreadId
VirtualAlloc
InitializeCriticalSection
GetSystemDirectoryW
DeleteCriticalSection
GetProcAddress
GetLastError
FormatMessageW
GetCurrentProcessId
mpr
WNetAddConnectionW
ole32
CoInitialize
CreatePointerMoniker
StringFromGUID2
CLSIDFromString
CoGetMalloc
CoCreateFreeThreadedMarshaler
CLSIDFromProgID
MkParseDisplayName
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CreateBindCtx
Sections
.text Size: 512B - Virtual size: 412B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 144KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 848KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ