a33efc6afb85cfe0da95fc2429d0aada_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a33efc6afb85cfe0da95fc2429d0aada_JaffaCakes118
Size

85KB
MD5

a33efc6afb85cfe0da95fc2429d0aada
SHA1

eee2894cf50edd59ec145f143c33d4410a8f84cc
SHA256

0462824748c8c17f626ea55f756e551760865a387ca882460144d3e214de76fa
SHA512

49ac5574b803ee77ecca4201edd67f997027fe0d1ff92dcbb4ae0d7b3e95ffb8a745b6f51f57f88928ad7c401cfb092e575070c54326bd50fd743cb1ce3e35b4
SSDEEP

1536:P7ELT9OA+F4EiBJ98MAUyMWbqTpG5NbZJJXbkMzhU25lD4rp229IL23s3GzR/uq8:zEPcA+7iryM+qUBZJJLzXp4rpaL98F/8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a33efc6afb85cfe0da95fc2429d0aada_JaffaCakes118

Files

a33efc6afb85cfe0da95fc2429d0aada_JaffaCakes118
.exe windows:5 windows x86 arch:x86

401620815a769b5b5eb2915c04436949

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleKeyboardLayoutNameW
SetTapePosition
GetSystemTimeAsFileTime
GetCurrentThreadId
TlsFree
GetFileSize
LZDone
VirtualAlloc
GetModuleHandleW
LoadLibraryA
GetTickCount
GetThreadTimes
CancelIo
SetConsoleNlsMode
GetCurrentProcessId
HeapAlloc
SetCommConfig
QueryActCtxW
QueryPerformanceCounter
HeapLock

msdart

?TryReadLock@CFakeLock@@QAE_NXZ
?sm_dblDfltSpinAdjFctr@CCritSec@@1NA
??4CSingleList@@QAEAAV0@ABV0@@Z
?TryWriteLock@CReaderWriterLock@@QAE_NXZ
?SetSpinCount@CFakeLock@@QAE_NG@Z
?Unlock@CLockedSingleList@@QAEXXZ
?_Unlock@CSpinLock@@AAEXXZ
?_Initialize@CLKRLinearHashTable@@AAE?AW4LK_RETCODE@@P6G?BKPBX@ZP6GKK@ZP6G_NKK@ZP6GX0H@ZPBDNK@Z
?WriteLock@CSmallSpinLock@@QAEXXZ
??4CReaderWriterLock3@@QAEAAV0@ABV0@@Z
?_AddRefRecord@CLKRLinearHashTable@@ABEXPBXH@Z
?sm_lpOSVERSIONINFO@CMdVersionInfo@@0PAU_OSVERSIONINFOW@@A
??0CLockedSingleList@@QAE@XZ

d3d8thk

OsThunkDdFlipToGDISurface
OsThunkDdQueryMoCompStatus
OsThunkDdGetAvailDriverMemory
OsThunkDdUnlockD3D
OsThunkDdAttachSurface
OsThunkDdUpdateOverlay
OsThunkDdDeleteDirectDrawObject
OsThunkDdBeginMoCompFrame
OsThunkD3dDrawPrimitives2
OsThunkDdCreateSurface
OsThunkDdSetGammaRamp

cfgmgr32

CM_Disconnect_Machine
CMP_Init_Detection
CM_Set_HW_Prof_Flags_ExA
CM_Add_Res_Des
CM_Get_Hardware_Profile_Info_ExW
CM_Detect_Resource_Conflict
CM_Get_DevNode_Registry_PropertyA
CM_Enable_DevNode
CM_Find_Range
CM_Move_DevNode
CM_Get_Res_Des_Data
CM_Add_Res_Des_Ex
CM_Locate_DevNode_ExW

netapi32

I_NetLogonControl2
I_NetServerPasswordSet2
NetMessageBufferSend
NetShareCheck
I_NetServerSetServiceBitsEx
I_NetLogonSamLogon
NetScheduleJobGetInfo
NlBindingSetAuthInfo
NlBindingRemoveServerFromCache
I_BrowserDebugTrace
NetServiceGetInfo
NetMessageNameEnum
NetGroupDel
NetpGetConfigDword

setupapi

SetupDuplicateDiskSpaceListW
SetupGetLineTextA
CM_Get_Class_Key_NameW
CM_Remove_SubTree_Ex
SetupInstallFileA
pSetupSetArrayToMultiSzValue
SetupGetFileCompressionInfoW
SetupGetFileCompressionInfoExW
CM_Set_Class_Registry_PropertyW
SetupDiSetDeviceInterfaceDefault
CM_Get_Sibling_Ex
CMP_GetServerSideDeviceInstallFlags
SetupGetInfFileListW
CMP_RegisterNotification
SetupDiDestroyDriverInfoList
CM_Get_DevNode_Custom_PropertyA
SetupDiGetDeviceInterfaceDetailA
SetupSetSourceListA

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

401620815a769b5b5eb2915c04436949

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msdart

d3d8thk

cfgmgr32

netapi32

setupapi

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 21KB - Virtual size: 73KB

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 512B - Virtual size: 300B

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 21KB - Virtual size: 73KB

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 512B - Virtual size: 300B