a451a68cf977b427461b81d3366f8ada_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a451a68cf977b427461b81d3366f8ada_JaffaCakes118
Size

861KB
MD5

a451a68cf977b427461b81d3366f8ada
SHA1

f3668336a534459f3d0637605be785de4e5ef35a
SHA256

d31f4c23f98a9dfcc7b3b95fe17e1061e32e218d0de9380414d0b68bc74c60df
SHA512

3d477980583f064bd4c19b19e0719291cd004752b0491a56031fa965717398162dd640292c913965bf63f9bcf5facbcf68f1892c7fa41cccce17fca7698e8f99
SSDEEP

12288:E8meI8s+eoQR968kabfvYay3mozyHRgjZUPQ9bREWK4EShfdbk4eNt0+S8Kpw9Fk:7+MYRY8kabnCuHIn9bK47Y4eNtfSNN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a451a68cf977b427461b81d3366f8ada_JaffaCakes118

Files

a451a68cf977b427461b81d3366f8ada_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6ea683bde197daef8197fd41009e7d35

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DefineDosDeviceA
LoadLibraryA
GetSystemDefaultUILanguage
EnumDateFormatsW
UpdateResourceW
LoadResource
InterlockedExchangeAdd
CreateJobObjectA
FindNextVolumeMountPointA
RegisterWaitForSingleObject
LoadLibraryExA
RegisterConsoleVDM
QueryPerformanceFrequency
GetSystemPowerStatus
AddConsoleAliasW
GetNumberFormatW
LZRead
GetEnvironmentStringsA
SetProcessWorkingSetSize
GetModuleHandleW
GetStartupInfoA
CompareStringA
GetDateFormatW
SetConsoleNumberOfCommandsA
EnumTimeFormatsA
DeviceIoControl
InitAtomTable
GetLogicalDriveStringsW
GetSystemDefaultLangID
WritePrivateProfileStructA
DeleteAtom
GetUserDefaultUILanguage
VirtualAlloc
CompareFileTime
GetDiskFreeSpaceA
WriteConsoleA
GetConsoleOutputCP
GetDriveTypeA
VerifyVersionInfoW
HeapCreate
FindFirstVolumeMountPointA
GetProcessPriorityBoost
FatalAppExitA
lstrcat
SetConsoleMaximumWindowSize
GetStartupInfoW
GetStringTypeExW
UnregisterConsoleIME
UTRegister

ntprint

PSetupBuildDriversFromPath
PSetupInstallPrinterDriver
PSetupProcessPrinterAdded
ClassInstall32
PSetupDriverInfoFromName
PSetupCreatePrinterDeviceInfoList
PSetupEnumMonitor
PSetupGetPathToSearch
PSetupIsTheDriverFoundInInfInstalled
PSetupSelectDriver
PSetupIsCompatibleDriver
PSetupGetSelectedDriverInfo
PSetupIsDriverInstalled
PSetupAssociateICMProfiles
PSetupDestroyPrinterDeviceInfoList
PSetupGetDriverInfo3
PSetupThisPlatform
PSetupSelectDeviceButtons
ServerInstallW
PSetupCreateMonitorInfo
PSetupInstallInboxDriverSilently
PSetupFreeMem
PSetupFreeDrvField
PSetupCreateDrvSetupPage
PSetupDestroySelectedDriverInfo
PSetupDestroyMonitorInfo
PSetupShowBlockedDriverUI
PSetupPreSelectDriver
PSetupGetLocalDataField
PSetupInstallICMProfiles
PSetupSetSelectDevTitleAndInstructions
PSetupDestroyDriverInfo3
PSetupInstallMonitor

setupapi

pSetupStringTableAddString
CM_Get_Res_Des_Data
SetupUninstallOEMInfA
CM_Request_Eject_PC_Ex
pSetupAddMiniIconToList
CM_Request_Eject_PC
SetupScanFileQueueW
CM_Get_DevNode_Registry_Property_ExA
SetupQueueDefaultCopyW
pSetupSetGlobalFlags
CM_Get_Device_ID_ExA
SetupDiGetDeviceRegistryPropertyA
SetupCopyErrorA
UnicodeToMultiByte
SetupGetTargetPathW
CM_Invert_Range_List
CM_Get_Device_Interface_AliasW
CM_Get_Depth
SetupDiGetDeviceInstallParamsW
SetupPromptReboot
pSetupRetrieveServiceConfig
SetupDiClassGuidsFromNameW
pSetupStringTableGetExtraData
SetupInstallFromInfSectionA
SetupInstallServicesFromInfSectionW
SetupGetMultiSzFieldA
SetupRemoveFileLogEntryA
SetupDiCallClassInstaller
SetupDiCreateDeviceInfoA
CM_Add_IDW
SetupQuerySpaceRequiredOnDriveA
CM_Add_IDA
CM_Get_Child_Ex
pSetupMalloc
SetupIterateCabinetA
CM_Enumerate_Enumerators_ExA
SetupGetSourceFileSizeA
CM_Set_DevNode_Registry_PropertyW
SetupDefaultQueueCallbackW

adsldpc

ADSIGetFirstRow
?GetNextToken@CLexer@@QAEJPAGPAK@Z
LdapAddS
LdapOpenObject2
ConvertU2TrusteeToSid
FreeADsStr
ADsSetLastError
ADsGetNextColumnName
ADSIExecuteSearch
LdapNextAttribute
GetDisplayName
ReadServerSupportsIsADControl
IsGCNamespace
SchemaClose
GetLDAPTypeName
ADsWriteAttributeDefinition
LdapOpenObject
BuildADsPathFromLDAPPath2
ADsCreateDSObjectExt
?SetExclaimnationDisabler@CLexer@@QAEXH@Z
LdapReadAttribute2
FreeObjectInfo
LdapTypeCopyConstruct
SchemaGetClassInfoByIndex
??1CLexer@@QAE@XZ
LdapCrackUserDNtoNTLMUser2

Sections

.text
Size: 359KB - Virtual size: 359KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 375KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ea683bde197daef8197fd41009e7d35

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntprint

setupapi

adsldpc

Sections

.text Size: 359KB - Virtual size: 359KB

.rdata Size: 375KB - Virtual size: 375KB

.data Size: 124KB - Virtual size: 1.6MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 359KB - Virtual size: 359KB

.rdata
Size: 375KB - Virtual size: 375KB

.data
Size: 124KB - Virtual size: 1.6MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B