bf8a54974b575fac4db8f620b89ef80e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf8a54974b575fac4db8f620b89ef80e_JaffaCakes118
Size

84KB
MD5

bf8a54974b575fac4db8f620b89ef80e
SHA1

27398e3d6656d2618456454be33c9cd47853e4bb
SHA256

3268e84659af3222ff0e6e213c9192ae774dd939319446e1715390b92ed71482
SHA512

9d8e733efc73580ee54b1345293f32f2c903ecd9cdf582a7144f7afa05522eee3092f887b45dec35ee6b0448940173b4cd0978a87d6119032531c47bf02bb088
SSDEEP

1536:m6YVjVOmegeUsO2Gef12a53X871XoY46iangBHgFWoHMS7bYb7DAGmjYkc/HFAFf:mbjVNsbI/ugn5bA+BL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf8a54974b575fac4db8f620b89ef80e_JaffaCakes118

Files

bf8a54974b575fac4db8f620b89ef80e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ffa2f933f10837fdaeb7f91e143a8c1b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcirt

??0ios@@IAE@ABV0@@Z
?seekpos@streambuf@@UAEJJH@Z
??5istream@@QAEAAV0@PAC@Z
??_Estreambuf@@UAEPAXI@Z
?pbump@streambuf@@IAEXH@Z
?setbuf@strstreambuf@@UAEPAVstreambuf@@PADH@Z
?get@istream@@QAEAAV1@AAVstreambuf@@D@Z
??5istream@@QAEAAV0@P6AAAVios@@AAV1@@Z@Z
??_7ofstream@@6B@
?unsetf@ios@@QAEJJ@Z
?attach@ofstream@@QAEXH@Z

kernel32

BaseFlushAppcompatCache
VirtualAlloc
RemoveVectoredExceptionHandler
GetProcAddress
LoadLibraryA
GetTickCount
SetConsoleLocalEUDC
HeapCreate
AddConsoleAliasA
RegisterWaitForSingleObjectEx
GetCurrentProcessId
GetConsoleNlsMode
Heap32ListNext
SetComputerNameExW
GetModuleHandleW
GetCurrentThreadId
GlobalCompact
GetSystemTimeAsFileTime
GetConsoleSelectionInfo
GetBinaryTypeA
GetDefaultCommConfigA
FlushConsoleInputBuffer
QueryPerformanceCounter

w32topl

ToplVertexGetOutEdge
ToplVertexInit
ToplIterGetObject
ToplGraphSetVertexIter
ToplGraphMakeRing
ToplIsToplException
ToplListCreate
ToplEdgeSetToVertex
ToplScheduleValid
ToplSTHeapExtractMin
ToplEdgeSetWeight
ToplGraphRemoveVertex
ToplGraphNumberOfVertices
ToplSTHeapCostReduced
ToplScheduleImport
ToplHeapIsElementOf
ToplGraphInit
ToplGraphFree

wldap32

ldap_start_tls_sA
ldap_value_free
ldap_value_free_len
ldap_conn_from_msg
ldap_modify_extW
ldap_search
ldap_ufn2dnA
ldap_modrdn2
ldap_rename_extW
ldap_perror
ldap_compare_sW

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ffa2f933f10837fdaeb7f91e143a8c1b

Headers

DLL Characteristics

File Characteristics

Imports

msvcirt

kernel32

w32topl

wldap32

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 23KB - Virtual size: 85KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 328B

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 23KB - Virtual size: 85KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 328B