aefae01a8ba70479c3c0fb89e3cb8723_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

aefae01a8ba70479c3c0fb89e3cb8723_JaffaCakes118
Size

856KB
MD5

aefae01a8ba70479c3c0fb89e3cb8723
SHA1

7976b8c5ea0e2e72c1eb8524002c87d3c25eac16
SHA256

41496930789c15370bbdd26245b146b74085c766d2a99602bd770ecc8ed6ba9d
SHA512

ba15dec821cec270d62e1bb4c01efc26e3df7870fb67c9635c48a017f585c2e166b8413c0ecf8c005e35a3d76b307005c76cab57b1d856733aa7a0cd9e313e4e
SSDEEP

24576:hn+9xpjhq48lt+Ug9/FoSyQPGs82biWU4:hnop0lEUgYSy83+C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aefae01a8ba70479c3c0fb89e3cb8723_JaffaCakes118

Files

aefae01a8ba70479c3c0fb89e3cb8723_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2c7e6a8141dd15426a30108989c747e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadPriority
LoadLibraryA
InitializeSListHead
GetOEMCP
GetPrivateProfileSectionNamesA
RegisterWaitForSingleObjectEx
GetAtomNameA
FindFirstVolumeA
ExpungeConsoleCommandHistoryA
Module32Next
GetConsoleFontSize
lstrcmpA
GetFirmwareEnvironmentVariableA
EnumCalendarInfoExA
HeapAlloc
ExitProcess
VirtualAlloc
GlobalAddAtomW
SetCommConfig
RequestWakeupLatency
ConnectNamedPipe
GetCurrentDirectoryW
ReleaseMutex
AddVectoredExceptionHandler
OpenFileMappingA
SetHandleCount
_lread
SetMailslotInfo
GetCompressedFileSizeA
QueryPerformanceCounter
HeapDestroy

w32topl

ToplGraphMakeRing
ToplEdgeSetFromVertex
ToplDeleteSpanningTreeEdges
ToplAddEdgeToGraph
ToplGraphFree
ToplScheduleValid
ToplGraphNumberOfVertices
ToplEdgeFree
ToplListAddElem
ToplVertexNumberOfInEdges
ToplScheduleDuration
ToplHeapIsEmpty
ToplEdgeGetFromVertex
ToplHeapDestroy
ToplListSetIter
ToplEdgeGetWeight
ToplIterAdvance
ToplEdgeDestroy
ToplAddEdgeSetToGraph
ToplEdgeSetWeight
ToplDeleteComponents
ToplScheduleCacheDestroy
ToplGraphCreate
ToplScheduleMaxUnavailable
ToplEdgeCreate
ToplGetSpanningTreeEdgesForVtx
ToplListRemoveElem
ToplSTHeapCostReduced
ToplVertexCreate

odbctrac

TraceSQLPrepare
TraceSQLError
TraceSQLSetStmtAttrW
TraceSQLAllocEnv
TraceSQLDataSourcesW
TraceSQLSetCursorNameW
TraceSQLDescribeParam
TraceSQLSetConnectOption
TraceSQLPrimaryKeys
TraceCloseLogFile
TraceSQLBindParameter
TraceSQLAllocHandleStd
TraceSQLGetDescRec
TraceSQLColAttributes
TraceSQLGetCursorName
TraceSQLSetParam
TraceSQLFetchScroll
TraceSQLStatisticsW
TraceSQLDataSources
TraceSQLFreeEnv
TraceSQLGetFunctions
TraceSQLColAttribute
TraceSQLTablesW
TraceSQLGetStmtAttrW
TraceSQLBrowseConnectW
TraceSQLAllocConnect
TraceSQLGetDescField
TraceSQLStatistics
TraceSQLTablePrivilegesW
TraceSQLConnectW
TraceSQLSetScrollOptions
TraceSQLProcedures
TraceSQLGetDiagField
TraceSQLGetDiagRec
TraceSQLGetDiagRecW
TraceSQLGetDescFieldW
TraceSQLTables
TraceSQLGetConnectAttrW
TraceSQLNativeSql
TraceSQLParamData
TraceSQLForeignKeysW
TraceSQLSetConnectOptionW
TraceSQLFreeHandle
TraceSQLSetPos
TraceSQLColAttributeW

advapi32

CryptGenKey
SystemFunction033
WriteEncryptedFileRaw
SetEntriesInAclA
CreateProcessAsUserA
CredWriteA
RegSaveKeyExA
InitializeAcl
ImpersonateNamedPipeClient
EnumerateTraceGuids
CryptDuplicateKey
LsaOpenPolicy
SaferiRecordEventLogEntry
RegConnectRegistryA
LsaQueryTrustedDomainInfoByName
OpenTraceW
LsaGetSystemAccessAccount
CryptGetUserKey
CryptImportKey
RegQueryValueW
RegOpenUserClassesRoot
IsTextUnicode
CreatePrivateObjectSecurity
I_ScSetServiceBitsA
GetServiceKeyNameA
InstallApplication
RegSaveKeyW
BuildTrusteeWithNameA
EncryptFileA
SetFileSecurityA
CreateServiceW
OpenEventLogA
WmiEnumerateGuids

Sections

.text
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c7e6a8141dd15426a30108989c747e6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

w32topl

odbctrac

advapi32

Sections

.text Size: 354KB - Virtual size: 354KB

.rdata Size: 358KB - Virtual size: 358KB

.data Size: 140KB - Virtual size: 1.6MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 354KB - Virtual size: 354KB

.rdata
Size: 358KB - Virtual size: 358KB

.data
Size: 140KB - Virtual size: 1.6MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B