Static task: static1
Behavioral task: behavioral1
Sample: bc3a9be5747f7f5d77745c80108f1fba_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: bc3a9be5747f7f5d77745c80108f1fba_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: bc3a9be5747f7f5d77745c80108f1fba_JaffaCakes118
Size: 83KB
MD5: bc3a9be5747f7f5d77745c80108f1fba
SHA1: 99ea578a17ed847318764e375b8615f6cbe910d2
SHA256: 268c6f6eeffab1cd6623cae6497aca6c28114016736b2dc60cdacffefe21184f
SHA512: 38be16ba6dd8a61e1832dbce26d6001483dc6504a345e7c6647b58b3032845b1bd0619409ae19124477eb6120c218b50dd47f06e3b2edf125472f5d5a6c07182
SSDEEP: 1536:oAqBUumjPpihyGcHI+jR8HXOL9CZcJjsEOgIH7dC5nxUBYUhicCqUxY:oAnuaizcoa23UCnC8aIGxY
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource bc3a9be5747f7f5d77745c80108f1fba_JaffaCakes118
Files
bc3a9be5747f7f5d77745c80108f1fba_JaffaCakes118.exe windows:5 windows x86 arch:x86
4ef4448e7f24f20d25005e50c78f0847
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
certcli
CAOIDAdd
CAGetCertTypeProperty
CAEnumFirstCA
CAFindByName
CAUpdateCertType
CAOIDDelete
CAGetCertTypeKeySpec
CAGetCAFlags
CAInstallDefaultCertType
CAOIDFreeProperty
CAUpdateCA
CACountCAs
CASetCAExpiration
CASetCertTypeFlags
CACertTypeQuery
CACertTypeUnregisterQuery
CAGetCertTypeExpiration
CACreateNewCA
CAGetDN
CACertTypeAccessCheck
CAGetCertTypeExtensionsEx
kernel32
SetConsoleLocalEUDC
GetLocaleInfoA
DosPathToSessionPathW
ReadConsoleOutputW
QueryPerformanceCounter
RegisterConsoleIME
GetCurrentThreadId
SetConsoleMode
GetConsoleKeyboardLayoutNameA
GetTickCount
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetQueuedCompletionStatus
GetDriveTypeW
WriteConsoleInputVDMA
GetStartupInfoA
FreeEnvironmentStringsA
ReadDirectoryChangesW
PurgeComm
LZDone
SetCommConfig
LoadLibraryA
VirtualAlloc
CloseProfileUserMapping
DeleteFileA
SetTimerQueueTimer
GetCurrentProcessId
SetCurrentDirectoryW
GetProcessTimes
GetOverlappedResult
IsBadReadPtr
HeapCreate
rasman
RasBundleGetStatistics
RasPortSetFraming
RasRpcEnumConnections
RasGetHConnFromEntry
RasRpcDeleteEntry
RasRpcUnloadDll
RasGetEapUserInfo
RasRpcGetErrorString
RasGetKey
RasDeviceEnum
RasGetDeviceName
RasRegisterRedialCallback
RasFindPrerequisiteEntry
RasSetKey
RasSetCachedCredentials
RasRpcDisconnectServer
RasInitialize
RasSetDeviceConfigInfo
rtutils
TracePutsExW
TraceRegisterExW
MprSetupProtocolFree
TraceDeregisterExA
TraceDeregisterA
RouterLogEventValistExA
TraceDumpExA
TraceDeregisterW
RouterLogRegisterW
TraceDeregisterExW
RouterLogEventDataW
TraceVprintfExW
TraceRegisterExA
LogErrorW
LogErrorA
RouterLogEventStringA
TracePutsExA
RouterLogDeregisterA
RouterLogDeregisterW
RouterLogEventW
RouterLogEventValistExW
TracePrintfExW
MprSetupProtocolEnum
TraceVprintfExA
TraceGetConsoleA
advapi32
AddAccessAllowedAce
CryptEnumProviderTypesA
SetKernelObjectSecurity
WmiNotificationRegistrationW
RegQueryValueExA
ElfReadEventLogA
LsaRetrievePrivateData
WmiSetSingleItemW
ElfCloseEventLog
CreateServiceW
CancelOverlappedAccess
I_ScSetServiceBitsW
OpenEventLogA
SetSecurityInfo
SetSecurityDescriptorOwner
Sections
.text Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 244B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ