af238e5d460f4579bbbef597ff9edbb5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

af238e5d460f4579bbbef597ff9edbb5_JaffaCakes118
Size

190KB
MD5

af238e5d460f4579bbbef597ff9edbb5
SHA1

b511081c308e3f36bedc9a1f97fbc5ce8d4d4443
SHA256

a615c72014f156822063aedc81e6ea594c12c9e88ab0685dbd2929c1cf71206c
SHA512

45e36a517f299e345f9cd203ef5c65f526daf5137b80aa7f3ac214f7e636203684e2757ed5b349895bf0048b32dd9ff7a682eacb468b17940271581725232a96
SSDEEP

3072:aWYMA9O413j4TSIPH7ZopSAuhmGFt98db5BHlEzzu1QWUhrZ:Iw41TELfqpSRltSpN0uqJH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af238e5d460f4579bbbef597ff9edbb5_JaffaCakes118

Files

af238e5d460f4579bbbef597ff9edbb5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

22cb40ec39f359423e1084bbb77e473f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarI2FromUI2
VarR4FromStr
VarUdateFromDate
VarDateFromUI8
LoadTypeLibEx
VarI8FromCy
VarI8FromI1
VarI2FromDisp
VarCyFromR8
VarBoolFromR4
VarI2FromR4
CreateDispTypeInfo
VarI4FromI2
VarDecNeg
VarDecFromDisp
SafeArraySetIID

msvcp60

?table@?$ctype@D@std@@IBEPBFXZ
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@GABV10@@Z
??4?$complex@O@std@@QAEAAV01@ABV01@@Z
?polar@std@@YA?AV?$complex@M@1@ABM@Z
??0_Lockit@std@@QAE@XZ
?scan_not@?$ctype@D@std@@QBEPBDFPBD0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@XZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXID@Z
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
?_Doraise@underflow_error@std@@MBEXXZ
??Dstd@@YA?AV?$complex@M@0@ABV10@ABM@Z

kernel32

EnumSystemGeoID
UpdateResourceW
DebugBreak
lstrcpynA
LoadLibraryA
FindFirstVolumeMountPointW
GetCurrentProcessId
DeleteVolumeMountPointW
CompareStringW
EnumCalendarInfoA
HeapSetInformation
GetBinaryType
QueryPerformanceCounter
MultiByteToWideChar
GetTickCount
SetConsoleWindowInfo
GetConsoleMode
SetFileShortNameA
GetNativeSystemInfo
VirtualAlloc
GetCurrentThreadId
GetDiskFreeSpaceA

opengl32

glColor4usv
glTexCoord1dv
glCallList
glTexCoord2iv
glRasterPos4d
glDrawElements
glLighti
glStencilFunc
glListBase
glPixelTransferi
glIndexf
glDebugEntry

rasapi32

RasGetSubEntryPropertiesW
RasEnumConnectionsA
RasDialA
RasSetCredentialsA
RasGetSubEntryPropertiesA
RasSetOldPassword
RasGetHport
RasAutodialEntryToNetwork
RasGetCredentialsA
RasGetAutodialEnableW
RasQuerySharedAutoDial
RasGetSubEntryHandleA
RasGetEapUserIdentityA
RasSetEapUserDataW

clusapi

ClusterResourceCloseEnum
ClusterRegEnumKey
ClusterNodeCloseEnum
GetClusterNodeState
RemoveClusterResourceNode
GetClusterFromGroup
ClusterResourceGetEnumCount
ClusterGroupEnum
CloseClusterNetInterface
GetClusterNetInterfaceKey
OnlineClusterGroup
ClusterRegGetKeySecurity
GetClusterNetworkId
ClusterNetworkControl
ClusterGroupCloseEnum
OpenClusterGroup

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idat_94
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22cb40ec39f359423e1084bbb77e473f

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

msvcp60

kernel32

opengl32

rasapi32

clusapi

Sections

.text Size: 86KB - Virtual size: 85KB

.idat_94 Size: 54KB - Virtual size: 54KB

.data Size: 46KB - Virtual size: 49KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 86KB - Virtual size: 85KB

.idat_94
Size: 54KB - Virtual size: 54KB

.data
Size: 46KB - Virtual size: 49KB

.rsrc
Size: 2KB - Virtual size: 1KB