b6f4d0a9783b5c675015657f5498c672_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b6f4d0a9783b5c675015657f5498c672_JaffaCakes118
Size

76KB
MD5

b6f4d0a9783b5c675015657f5498c672
SHA1

b9bf2b5f546fd108bc550a1272f284c5866524ed
SHA256

50e25fc5ba254671d7ba89642561d543714d7f64496b0a73001d278c1b52de50
SHA512

b0bb437d55ec205df4ee750897915eb6de205b24c04a78bf23a141ef3d137d0c18343cfe6b8f234266c66fa9faf71c1a0798f62514c2fe316d73a611f34326d1
SSDEEP

1536:o2dA/8afDQss/VAfgEuEQpN29I0vRHs5NDF2kvOehvM:Ne1xsOfgEuEU2IwHs5NDF2Ihk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6f4d0a9783b5c675015657f5498c672_JaffaCakes118

Files

b6f4d0a9783b5c675015657f5498c672_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4fe1991ed9e0fd5255f1e07d1c19c03

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ntohs
htons
htonl
ntohl

kernel32

WaitForSingleObject
TerminateThread
CreateDirectoryA
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
MapViewOfFile
VirtualAlloc
ReleaseMutex
OpenFileMappingA
OpenProcess
DuplicateHandle
DeleteCriticalSection
CreateMutexA
CreateFileMappingA
OpenMutexA
LocalFree
LocalAlloc
GetModuleHandleA
lstrcmpA
GetSystemTimeAsFileTime
SetThreadPriority
SetEndOfFile
SetFilePointer
FlushFileBuffers
ReadFile
WriteFile
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateThread
ResetEvent
WaitForMultipleObjects
CreateEventA
CloseHandle
CreateFileA
lstrcpynA
lstrlenA
AreFileApisANSI
GetFullPathNameA
lstrcpynW
lstrlenW
SetLastError
GetFullPathNameW
WideCharToMultiByte
GetPrivateProfileStringA
FreeLibrary
DeleteFileA
CopyFileA
UnmapViewOfFile
FreeEnvironmentStringsW
FreeEnvironmentStringsA
RaiseException
HeapSize
LCMapStringW
LCMapStringA
GetLocalTime
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetProcessHeap
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind
SetHandleCount
GetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
VirtualFree
IsValidLocale
VirtualAllocEx

user32

EnableWindow
MsgWaitForMultipleObjects
DispatchMessageA
PeekMessageA
TranslateMessage

advapi32

EqualSid
RegOpenKeyA
GetSecurityDescriptorDacl
InitializeSecurityDescriptor
FreeSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
SetSecurityDescriptorDacl
SetEntriesInAclA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

ord680
ShellExecuteExA
SHGetMalloc
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

CoTaskMemFree

esent

JetCreateIndex

dskquota

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.eZJe
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.klxGp
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VIk
Size: 512B - Virtual size: 386B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.O
Size: 512B - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 44KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EpIAhi
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4fe1991ed9e0fd5255f1e07d1c19c03

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

shell32

ole32

esent

dskquota

Sections

.text Size: 18KB - Virtual size: 17KB

.eZJe Size: 1KB - Virtual size: 1KB

.klxGp Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.VIk Size: 512B - Virtual size: 386B

.O Size: 512B - Virtual size: 674B

.data Size: 44KB - Virtual size: 324KB

.EpIAhi Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 17KB

.eZJe
Size: 1KB - Virtual size: 1KB

.klxGp
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.VIk
Size: 512B - Virtual size: 386B

.O
Size: 512B - Virtual size: 674B

.data
Size: 44KB - Virtual size: 324KB

.EpIAhi
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 2KB