b8833c34c4bfe267c55fe5410d088f6f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b8833c34c4bfe267c55fe5410d088f6f_JaffaCakes118
Size

70KB
MD5

b8833c34c4bfe267c55fe5410d088f6f
SHA1

51ff0088913e807f1e2add02306ec83facd571ba
SHA256

c4fca86ed77332836208958670108af88d24e37376b8c232ee628ec55b4c3dd5
SHA512

7e866b9f071867aaf10ae75bea93876bd0088cacfa66f3555c6bea863fcbfdd86912a041dc938d9e7e77c32b2485303f836f8be812df067e0083fd4b82e2fa24
SSDEEP

1536:fyW+7p6gxSr/V/9hqPJK+kraSXtT7sAgVjrjunOMu2aZValS:f/8icLOQMuTVIS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8833c34c4bfe267c55fe5410d088f6f_JaffaCakes118

Files

b8833c34c4bfe267c55fe5410d088f6f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7b5ecba554324459042ab3fb7596beac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__dllonexit
__set_app_type
wcschr
_except_handler3
_controlfp
_onexit
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
wcsstr
sprintf
wcstoul
swprintf
atoi
atol
malloc
time
rand
wcscat
_purecall
_local_unwind2
srand
wcscpy
_wcsicmp
free
wcscmp
wcslen

advapi32

StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
SetServiceStatus

kernel32

WaitForSingleObject
GetProcessHeap
GetComputerNameW
ReleaseSemaphore
CreateSemaphoreW
ExitProcess
CreateThread
GetLastError
GetTickCount
ExitThread
IsBadStringPtrW
SetMailslotInfo
ReadFile
CreateMailslotW
WriteFile
CloseHandle
CreateFileW
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
RaiseException

rpcrt4

RpcStringBindingComposeW
RpcStringBindingParseW
RpcBindingFree
RpcMgmtInqComTimeout
RpcBindingFromStringBindingW
RpcMgmtSetCancelTimeout
UuidToStringW
RpcMgmtStopServerListening
RpcMgmtWaitServerListen
UuidFromStringW
RpcServerRegisterIf
RpcStringFreeW
NdrClientCall2
RpcServerUseProtseqEpW
UuidIsNil
RpcServerListen
RpcRaiseException
RpcImpersonateClient
RpcRevertToSelf
NdrServerCall2

netapi32

DsGetDcNameW
NetServerEnum
NetGetDCName
DsRoleGetPrimaryDomainInformation
DsRoleFreeMemory
NetApiBufferFree
NetRegisterDomainNameChangeNotification

activeds

ord15
ord13

adsldpc

ADSICloseDSObject
ADSICreateDSObject
ADSISetObjectAttributes
ADSIGetObjectAttributes
ADSICloseSearchHandle
ADSIDeleteDSObject
ADSIOpenDSObject
ADSIExecuteSearch
ADSISetSearchPreference
ADSIFreeColumn
ADSIGetColumn
ADSIGetNextRow
ADSIGetFirstRow

user32

wsprintfW

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7b5ecba554324459042ab3fb7596beac

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

rpcrt4

netapi32

activeds

adsldpc

user32

Sections

.text Size: 67KB - Virtual size: 67KB

.data Size: 512B - Virtual size: 744B

.rsrc Size: 1024B - Virtual size: 65KB

.text
Size: 67KB - Virtual size: 67KB

.data
Size: 512B - Virtual size: 744B

.rsrc
Size: 1024B - Virtual size: 65KB