bbccee6acb84ed8211ae3023239493b6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bbccee6acb84ed8211ae3023239493b6_JaffaCakes118
Size

84KB
MD5

bbccee6acb84ed8211ae3023239493b6
SHA1

7dd3e90198663366a4ad8d3967404a66a105272f
SHA256

09581e6b93920c193ba2f5bf8f13ff249f65d5eb5031456182f2a3fb61769eee
SHA512

cd7c339c1492b5a553b0c9babfb0726229cae7ca38e2f03815f8d15d3ff60b2103d03c3d6141bd492b137f7435cca96f5f8e71a1df111884e41718923696ce55
SSDEEP

1536:ldhqSkNbVn8KH6O3lz1BLkUkH9Y2MmfjRBvsQd34vlBXP0JArWGY:lHqTV8KH6O1z3LFc9tbvpdcvjY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbccee6acb84ed8211ae3023239493b6_JaffaCakes118

Files

bbccee6acb84ed8211ae3023239493b6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

57f091055241dad7d368abb20a58d52a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

query

?GetBOOL@CAllocStorageVariant@@QBEFI@Z
CollectFILTERPerformanceData
?Marshall@CNodeRestriction@@QBEXAAVPSerStream@@@Z
??0CAllocStorageVariant@@QAE@W4VARENUM@@KAAVPMemoryAllocator@@@Z
??1CDbSortSet@@QAE@XZ
??1?$XPtr@VCDbProjectListAnchor@@@@QAE@XZ
?UnMarshall@CDbNumeric@@QAEHAAVPDeSerStream@@@Z
?ReadPrimaryProperty@CPropStoreManager@@QAEHKKAAUtagPROPVARIANT@@@Z
??1CCatState@@QAE@XZ
?GetNumber@CQueryScanner@@QAEHAA_JAAH@Z
?Clone@CRestriction@@QBEPAV1@XZ
?WideCharToXArrayMultiByte@@YGKPBGKIAAV?$XArray@E@@@Z
?AddMachine@CCatState@@QAEXAAV?$XPtrST@G@@@Z

msvcrt40

_inp
??0strstreambuf@@QAE@ABV0@@Z
_flushall
?fLockcInit@ios@@0HA
?putback@istream@@QAEAAV1@D@Z
_memicmp
_adj_fdiv_m32i
_fpreset
??_8istrstream@@7B@
_adj_fptan
??0ofstream@@QAE@PBDHH@Z
??_Eios@@UAEPAXI@Z
_ismbbkana
??0fstream@@QAE@H@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??_Gios@@UAEPAXI@Z
?delbuf@ios@@QBEHXZ
fgetwc
_mbslen
??5istream@@QAEAAV0@AAF@Z
??0strstreambuf@@QAE@XZ
?unlockc@ios@@KAXXZ
??0ios@@QAE@PAVstreambuf@@@Z
?lock@streambuf@@QAEXXZ
_CIatan2
_heapused
strncpy
_lseeki64
_y1
??5istream@@QAEAAV0@AAH@Z
strpbrk

kernel32

SetConsoleHardwareState
CreateDirectoryExA
GetStartupInfoA
WriteTapemark
GetTickCount
EnumCalendarInfoExA
LZClose
LoadLibraryA
GlobalSize
EnumResourceNamesW
VirtualAlloc
GetSystemTimeAsFileTime
HeapCreate
GetLastError
GetCurrentThreadId
GetCommState
GetFullPathNameA
UnlockFileEx
GetCurrentProcessId
QueryPerformanceCounter
GetPrivateProfileSectionW

iphlpapi

GetUdpTable
GetTcpStatistics
InternalGetIpForwardTable
IcmpSendEcho2
GetUniDirectionalAdapterInfo
InternalSetIpForwardEntry
SetIpNetEntry
_PfDeleteLog@0
_PfUnBindInterface@4
SetTcpEntry
_PfRemoveFilterHandles@12
IcmpCreateFile

ir32_32

DllMain
AboutDialogProc
DriverProc
DriverDialogProc

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57f091055241dad7d368abb20a58d52a

Headers

DLL Characteristics

File Characteristics

Imports

query

msvcrt40

kernel32

iphlpapi

ir32_32

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 22KB - Virtual size: 31KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 272B

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 22KB - Virtual size: 31KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 272B