a048b33590502a2cdc6276e966c80001_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a048b33590502a2cdc6276e966c80001_JaffaCakes118
Size

206KB
MD5

a048b33590502a2cdc6276e966c80001
SHA1

56117938741d0a1d24957d429ba7f4f56592d1bc
SHA256

7d280ee4b90cfc1c5c4c3652c38f83fd5a926fd13b1115db8e72d1e3b50fda0b
SHA512

8f2e836755ed9ee5b59d3e5ab7622c974f6235d199f516b6952c82c8b6f75a1568b9bd1063240cecc578e0c48af69200251f855a95cfadc15ef535b73a38e49d
SSDEEP

6144:PSdwU8lYg6qZiwTqMa4CwUP0kmH5nAGZsTAjW0iSAHno9B:PS9wOp4CZPlZGNWVIv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a048b33590502a2cdc6276e966c80001_JaffaCakes118

Files

a048b33590502a2cdc6276e966c80001_JaffaCakes118
.exe windows:4 windows x86 arch:x86

992e93d42ed8a064aa02a0eb6df9f028

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
DeleteCriticalSection
CreateEventA
InitializeCriticalSection
CreateSemaphoreA
SetThreadPriority
WaitForSingleObject
ReleaseSemaphore
WaitForMultipleObjects
Sleep
OutputDebugStringA
CloseHandle
GetExitCodeThread
GetLastError

advapi32

RegQueryValueExA
RegCloseKey
SetServiceStatus
RegisterEventSourceA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
RegOpenKeyExA

msvcrt

_adjust_fdiv
_beginthread
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
free
__p__commode
__p__fmode
__set_app_type
_controlfp
sprintf
_except_handler3
_beginthreadex

tcl75

Tcl_ExitCleanup

nmi

nmdxcdb
snmicini_InitializeCache
nmssctx_SetClientCtxt
nmdkbld_BuildCaches
nmdiape
nmipini
nmssoff_SignOff
nmdxparm
nmsson2_SignOnWithPathAndBool
nmixfai_FreeAgentInfo
nmiegwin_WorkInitEQ
nmid56t
nmitvdei
snmilte_LockTclEventContext
snmitedc
snmitedm
nmdudis_disconnect_user
nmdkfre_FreeCaches
nmsdrgm_DeregisterMIB
ord12432
ord12432
c_LockUsersContext
nmsrgm_RegisterMIB
snmirte_ReleaseTclEventContext
nmsrgr_RegisterMIBRow
nmiesdei_DeinitOutgoingQueues
snmiloq_LockOutgoingQueues
snmireq_ReleaseEventQueue
nmiegcls_CloseEQ
snmileq_LockEventQueue
snmirjc_ReleaseJobContext
nmijqcls_CloseJQ
snmiljc_LockJobContext
snmicdei_DeinitializeCache
snmicco_CloseOldConnections
nmixrp_RPCPoll
nmspoll
nmiesend
snmicla_ListenAgain
snmifsc_ServiceConnection
nmijqexe_ExecuteJQ
nmiescap_CapOutgoJob
nmitvce
nmiescap_CapOutgoEvent
snmdsrd_ReleaseDatabase
snmdsld_LockDatabase
nmdxcst_CheckStatus
nmdMaster_MIB
snmipwg_GetPassword
snmiconf
snmiles_LogErrorWithString
snmile_LogError
nminini_InitCtxt
nmidini_Init
snmiroq_ReleaseOutgoingQueues
nmitvini
nmimver_MakeVersionFile
nmixgai_GetAgentInfo
nmijsist_InitSymbolTable
nmieuini_InitUQ
nmiesini_InitOutgoingQueues
nmieucls_CloseUserTable
nmijqwin_WorkInitJQ
snmiluc_LockUsersContext
nmsgmcap_GetMasterCapabilities
snmiterm
nmsxgn_GetNumber

snmidl

snmidlcu_CleanUp
snmifmal
snmidlpi_PkgIndex

core40

ord57
ord195

nlsrtl33

ord201
ord117
ord175

nl80

snltmgcs
nlpagsp
snlgfqh
nlpains
nlemfireg
snlfncwd
nlstdgg
nlstdstp

ns80

nsdisc
nsanswer
nsgbltrm
nslisten
nscontrol

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

992e93d42ed8a064aa02a0eb6df9f028

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

tcl75

nmi

snmidl

core40

nlsrtl33

nl80

ns80

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 512B - Virtual size: 28B

.data Size: 1KB - Virtual size: 3KB

.idata Size: 172KB - Virtual size: 171KB

.rsrc Size: 21KB - Virtual size: 25KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 512B - Virtual size: 28B

.data
Size: 1KB - Virtual size: 3KB

.idata
Size: 172KB - Virtual size: 171KB

.rsrc
Size: 21KB - Virtual size: 25KB