a52ac9fe9dd00cb8016787c2d61dd57b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a52ac9fe9dd00cb8016787c2d61dd57b_JaffaCakes118
Size

643KB
MD5

a52ac9fe9dd00cb8016787c2d61dd57b
SHA1

afff2d466a0211eb0479610662f32a5befdeaef9
SHA256

3b74446649cf54330d27fff0c7c43880b7b974fa86fc15daadbad81531c602eb
SHA512

8f391795bf21b74436b5cb54614e378f1e878f09b1644cc6063d4cfb7fde92f4082357ec489dddd88c2b47cbb29c013ec48072dcc13ad412dc790f722e0de0c5
SSDEEP

12288:dOI9mhNUCvo30vksWaJvaQsK8It7C3XaZsXMpyobotObVMdg8fChHv0yn2kUb++c:eNUM/WaKaZdoaoSCgcS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a52ac9fe9dd00cb8016787c2d61dd57b_JaffaCakes118

Files

a52ac9fe9dd00cb8016787c2d61dd57b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

202b93b3e3b9d0178a5d1f5e7451217d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetComputerNameExA
ExitProcess
DisconnectNamedPipe
GetConsoleSelectionInfo
GetThreadPriority
SetHandleCount
FindFirstVolumeMountPointW
GetProcessIoCounters
SetPriorityClass
SetUserGeoID
SwitchToThread
GlobalSize
OpenMutexA
VirtualAlloc
GetQueuedCompletionStatus
BaseCheckAppcompatCache

msvcrt40

?attach@ofstream@@QAEXH@Z
?adjustfield@ios@@2JB
_amsg_exit
_wexecl
_mbscpy
?freeze@strstreambuf@@QAEXH@Z
??0filebuf@@QAE@H@Z
__p___argv
??_Efstream@@UAEPAXI@Z
iswascii
_mbctohira
??_Distrstream@@QAEXXZ

opengl32

glTexCoord1dv
glRasterPos2iv
glDrawElements
glTexCoord2i
glGetBooleanv
wglUseFontOutlinesA
glRasterPos2i
glGetIntegerv
glDepthMask
glVertex4fv
glPushAttrib
glRasterPos3iv
glBegin
glEvalCoord2fv
glTexGeniv
glTexCoord3d

msvcp60

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
?_Xlen@std@@YAXXZ
?_Isinf@?$_Ctr@M@std@@SA_NM@Z
?do_out@?$codecvt@DDH@std@@MBEHAAHPBD1AAPBDPAD3AAPAD@Z
??_0?$_Complex_base@O@std@@QAEAAV01@ABO@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??Nstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Nstd@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
??_Fctype_base@std@@QAEXXZ
?cos@?$_Ctr@N@std@@SANN@Z
?signaling_NaN@?$numeric_limits@O@std@@SAOXZ
?eq@?$char_traits@G@std@@SA_NABG0@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z

netapi32

DsValidateSubnetNameW
DsGetDcSiteCoverageA
NetShareDel
NetpwPathType
RxNetAccessAdd
NetAuditWrite
NetLocalGroupSetInfo
I_NetLogonSamLogonEx
I_NetServerPasswordSet2
DsGetDcNextW
NetLocalGroupEnum
I_NetGetDCList
NetConfigSet

user32

IsWindow
GetMenu
GetWindowDC

Sections

.text
Size: 307KB - Virtual size: 306KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat_91
Size: 198KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

202b93b3e3b9d0178a5d1f5e7451217d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt40

opengl32

msvcp60

netapi32

user32

Sections

.text Size: 307KB - Virtual size: 306KB

.rdata Size: 132KB - Virtual size: 132KB

.idat_91 Size: 198KB - Virtual size: 272KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 307KB - Virtual size: 306KB

.rdata
Size: 132KB - Virtual size: 132KB

.idat_91
Size: 198KB - Virtual size: 272KB

.rsrc
Size: 4KB - Virtual size: 4KB