a0a1b36affb23c65c96191745d450324_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a0a1b36affb23c65c96191745d450324_JaffaCakes118
Size

87KB
MD5

a0a1b36affb23c65c96191745d450324
SHA1

d57c4d81279db7405ccaab22c2e2a84e8838657e
SHA256

44051e4e1a879371ddac72cc31a2e577d6f59ec9133bdee1b6c30f07e1126dc6
SHA512

3eef6c167eee0f93dd376b015b935783e8793b1e701131550b08f542a99ffa9a2504c7e4d1e79cec80ddc5d328d567ea989b7359042fc20f078526eae5df9c03
SSDEEP

1536:JV7XECGUnPiH87kGTBjyyD800KV81OvyOyJLRXKsnatX3CW7NkyUS8Dja:37XEbUnPylGTBje0FyYyO6FIkrDe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0a1b36affb23c65c96191745d450324_JaffaCakes118

Files

a0a1b36affb23c65c96191745d450324_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e598295084b0c3c38d013a2b88b24b00

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

_fgetwchar
_strncnt
_wtoi
iswctype
_logb
_findnext
asctime
_ungetch
memcmp
fputs
wcscat
sqrt
pow
_strspnp
_mbsicmp
_pgmptr_dll
_except_handler2
_strerror

kernel32

GetProcessVersion
GetStringTypeExW
GetNumaNodeProcessorMask
LoadLibraryA
EnumerateLocalComputerNamesA
GetTickCount
IsBadStringPtrA
GetCurrentProcessId
IsBadHugeWritePtr
FileTimeToSystemTime
lstrcmpiW
GetThreadSelectorEntry
RtlMoveMemory
VirtualAlloc
GetModuleHandleW
FindResourceExW
SetLocalPrimaryComputerNameW
GetWriteWatch
GetQueuedCompletionStatus
SetConsoleCursorPosition
GetSystemTimeAsFileTime
OpenJobObjectW
SetConsoleInputExeNameW
GetNumaProcessorNode
QueryPerformanceCounter
GetCurrentThreadId

modemui

drvSetDefaultCommConfigW
UnimodemGetDefaultCommConfig
drvGetDefaultCommConfigW
drvSetDefaultCommConfigA
CountryRunOnce
QueryModemForCountrySettings
drvCommConfigDialogA
ModemCplDlgProc
UnimodemGetExtendedCaps
drvCommConfigDialogW
UnimodemDevConfigDialog

setupapi

pSetupCenterWindowRelativeToParent
SetupSetFileQueueFlags
SetupUninstallNewlyCopiedInfs
CM_Uninstall_DevNode_Ex
CM_Get_Resource_Conflict_Count
CM_Get_Res_Des_Data
SetupDiGetHwProfileListExW
CM_Create_DevNodeA
pSetupRegistryDelnode
SetupIterateCabinetA
SetupGetStringFieldW
SetupDiGetHwProfileList
SetupDiGetClassDescriptionA
CM_Delete_Class_Key
pSetupStringTableLookUpString
SetupDiCreateDeviceInfoListExW
CM_Get_Hardware_Profile_Info_ExW
SetupDiSetDeviceInterfaceDefault
CM_Get_DevNode_Status_Ex
CM_Register_Device_Interface_ExA

d3d8thk

OsThunkDdSetColorKey
OsThunkDdGetBltStatus
OsThunkDdDestroyMoComp
OsThunkD3dContextDestroy
OsThunkDdGetDxHandle
OsThunkDdResetVisrgn
OsThunkDdQueryMoCompStatus
OsThunkD3dContextCreate
OsThunkDdAddAttachedSurface
OsThunkDdGetFlipStatus

msvcp60

?decimal_point@?$numpunct@D@std@@QBEDXZ
??0_Winit@std@@QAE@XZ
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
?readsome@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHPADH@Z
?round_error@?$numeric_limits@K@std@@SAKXZ
?compare@?$collate@D@std@@QBEHPBD000@Z
?clear@ios_base@std@@QAEXH_N@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
?do_hash@?$collate@D@std@@MBEJPBD0@Z

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e598295084b0c3c38d013a2b88b24b00

Headers

DLL Characteristics

File Characteristics

Imports

crtdll

kernel32

modemui

setupapi

d3d8thk

msvcp60

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 23KB - Virtual size: 81KB

.rsrc Size: 21KB - Virtual size: 20KB

.reloc Size: 512B - Virtual size: 284B

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 23KB - Virtual size: 81KB

.rsrc
Size: 21KB - Virtual size: 20KB

.reloc
Size: 512B - Virtual size: 284B