a97e7013dbeca706461902e89e2bbd57_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a97e7013dbeca706461902e89e2bbd57_JaffaCakes118
Size

86KB
MD5

a97e7013dbeca706461902e89e2bbd57
SHA1

3db20eff927df831293b5c57621badd568d099d0
SHA256

e1c114f02f4e79679cf9e53acd24c0023575cc2ae74b39837e4e7563685fc579
SHA512

63fc3d6f16341dd291640a761ffd26676bd0db24681f22947a3f00b9d868bd61ecf84e5c03f5d4fbc4ecbe5fce27fcefc218a172dfb91609bc8eda2a76ab6c2a
SSDEEP

1536:A2k9wwAzU1yIrr+p3lrdjJUtNjacu/JsSLpvU5OHltS+Ny72+6jq38zUwZrSYL:A2k9wwpMMuJwv8/JsfilNy7eFz4YL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a97e7013dbeca706461902e89e2bbd57_JaffaCakes118

Files

a97e7013dbeca706461902e89e2bbd57_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c08844cfcf22438fb9bb3cf91afa28cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
__wargv
is_wctype
__p__commode
_ismbclegal
_adj_fdiv_r
?set_new_handler@@YAP6AXXZP6AXXZ@Z
__threadhandle
_EH_prolog
wcschr
_ungetch
wcsncpy
??4bad_cast@@QAEAAV0@ABV0@@Z
__CxxRegisterExceptionObject
__p__wpgmptr
wcscmp
__p__mbcasemap
??_Gbad_typeid@@UAEPAXI@Z
_stricmp
_wstat64
exit
_mbctokata
_mbscpy
iswcntrl
_wtoi
vsprintf
_logb
_wcslwr
_set_SSE2_enable
_Gettnames
_strset
_ismbcl1
??1type_info@@UAE@XZ

msvcrt40

?seekg@istream@@QAEAAV1@JW4seek_dir@ios@@@Z
exit
_findnext
_execlpe
_scalb
_cabs
_mbsbtype
setvbuf
memset
_j0
_mbscat
?seekoff@strstreambuf@@UAEJJW4seek_dir@ios@@H@Z
?underflow@stdiobuf@@UAEHXZ
??_Gostream@@UAEPAXI@Z
??_Eistream@@UAEPAXI@Z
_ismbbkana
__wgetmainargs
_mbslen
?unlock@ios@@QAAXXZ
iswcntrl

perfos

CollectOSObjectData
OpenOSObject
CloseOSObject

query

?GetLCIDFromString@@YGKPAG@Z
?AddRefWorkThreads@CWorkQueue@@QAEXXZ
?SetProperty@CFullPropSpec@@QAEXK@Z
??3CDbContent@@SGXPAX@Z
?GetChar@CMemDeSerStream@@UAEXPADK@Z
?Value@CDbScalarValue@@QAEXAAVCStorageVariant@@@Z
?ReportEventW@CEventLog@@QAEXAAVCEventItem@@@Z
?Close@CPhysStorage@@QAEXXZ
FsCiShutdown
?MakePrivileged@CImpersonateSystem@@AAEXXZ
?PutWString@CDbCmdTreeNode@@SGXAAVPSerStream@@PBG@Z
?SetCD@CCatState@@QAEXPBG@Z
?PutMaxValue@CValueNormalizer@@QAEXKAAKW4VARENUM@@@Z
?UnMarshall@CDbProperties@@QAEHAAVPDeSerStream@@@Z
?GetLPSTR@CAllocStorageVariant@@QBEPADI@Z
?IsValid@CAllocStorageVariant@@QBEHXZ
??0CTimeLimit@@QAE@KK@Z
?Unmap@CRcovStrmTrans@@IAEXW4DataCopyNum@CRcovStorageHdr@@@Z
?GetBrowserCodepage@@YGKAAVCWebServer@@K@Z
??0CFwAsyncWorkItem@@QAE@AAVCWorkManager@@AAVCWorkQueue@@@Z
?Close@CPropSetMap@COLEPropManager@@QAEXXZ

kernel32

LoadLibraryA
lstrcatA
AllocConsole
GetPrivateProfileIntW
DebugActiveProcessStop
GetFileSizeEx
VirtualAlloc
QueryPerformanceCounter
GetStartupInfoA
GetCurrentThreadId
GetSystemTimeAsFileTime
HeapCreate
CreateFileW
GetCurrentProcessId
OpenThread
CreateToolhelp32Snapshot
ActivateActCtx
FindActCtxSectionGuid
SetConsoleOutputCP
GetTickCount

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c08844cfcf22438fb9bb3cf91afa28cc

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

msvcrt40

perfos

query

kernel32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 20KB - Virtual size: 24KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 392B

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 24KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 392B