8dfe9088c1a0e673175c050b6b8fa9a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8dfe9088c1a0e673175c050b6b8fa9a0_JaffaCakes118
Size

86KB
MD5

8dfe9088c1a0e673175c050b6b8fa9a0
SHA1

4e88b970b373880306dd9a2beb02cf8bf552f839
SHA256

35fb825b660c3c27e969ba571b6943c2a24905740cd5f0c918b5236055432830
SHA512

3d978959ed13d067210f1bbaaa4fc57426b8c3e41c19887794c07172b128b5b6c091df15469fcf1f1d39cfb5443182e1d30e1f92e3cd85c5d0aba6facd5d1c76
SSDEEP

1536:skdPqUHUqgm+/prpc/DXHQj0Lr21vufAPnTXueMswpFN0Rf5RnWyyMNhLNY:skdyUHUqYparHQj0f2sf2nTfMstVnhLe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8dfe9088c1a0e673175c050b6b8fa9a0_JaffaCakes118

Files

8dfe9088c1a0e673175c050b6b8fa9a0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7d56da5bf46ebca4e0914a5a04123ab7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Add_Empty_Log_Conf_Ex
SetupDiGetClassDevsExW
CM_Get_Device_Interface_AliasW
SetupOpenFileQueue
CM_Set_HW_Prof_Ex
pSetupFree
SetupGetLineTextA
CM_Get_Device_ID_List_Size_ExA
DoesUserHavePrivilege
SetupDiGetDeviceInterfaceAlias
SetupDiGetDriverInfoDetailA
SetupOpenAppendInfFileW
CM_Test_Range_Available

netapi32

DsGetDcNextW
DsGetDcCloseW
NetUserAdd
NetReplExportDirUnlock
NetpNetBiosStatusToApiStatus
NetMessageNameEnum
I_NetLogonSamLogonEx
I_NetlogonComputeClientDigest
NetpCopyFtinfoContext
NetServerTransportEnum
I_NetServerAuthenticate2
NetWkstaUserSetInfo
NetpMergeFtinfo
NetpwPathCompare
NetApiBufferAllocate
NetUseDel

msvcp60

??0bad_exception@std@@QAE@PBD@Z
?_Init@?$collate@G@std@@IAEXABV_Locinfo@2@@Z
?denorm_min@?$numeric_limits@H@std@@SAHXZ
?quiet_NaN@?$numeric_limits@N@std@@SANXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PADH@Z
?insert@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IIG@Z
??Xstd@@YAAAV?$complex@M@0@AAV10@ABV10@@Z
?xalloc@ios_base@std@@SAHXZ
?_Nomemory@std@@YAXXZ
?replace@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PAG0PBG@Z
?widen@?$ctype@D@std@@QBEDD@Z
??0?$_Mpunct@G@std@@QAE@I_N@Z
?_Stinit@?1??_Init@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@23@@Z@4HA
_Getctype

kernel32

WriteFileEx
MapViewOfFileEx
HeapCreate
GetSystemTimeAsFileTime
CreateTimerQueue
GetCurrentProcessId
GetTickCount
AreFileApisANSI
QueryPerformanceCounter
RegisterWowExec
GetStartupInfoA
FindNextVolumeMountPointW
LoadLibraryA
GetFileTime
lstrcpyW
VirtualAlloc
GetDriveTypeW
GetCurrentThreadId
EnumUILanguagesW
GlobalCompact

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d56da5bf46ebca4e0914a5a04123ab7

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

netapi32

msvcp60

kernel32

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 31KB - Virtual size: 90KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 512B - Virtual size: 308B

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 31KB - Virtual size: 90KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 512B - Virtual size: 308B