bdd5f57ed46a777142794cf1c5d25402_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bdd5f57ed46a777142794cf1c5d25402_JaffaCakes118
Size

216KB
MD5

bdd5f57ed46a777142794cf1c5d25402
SHA1

38785a3343e1658023dcbd4485da90b76d3fa09b
SHA256

e9f1637e0cd3f1590ac48592d21fa87a1f50c43502061ba847bbf3ab8c0e5533
SHA512

960409e07760b82de7dc0be7e27b7da32cb0c41161f3d5cc74ed75a94428e35daacd0ed3198515a3785eb343f3ed893cbb3ecac9dd5bce8ba1f603a085ee0ca7
SSDEEP

3072:ZQW2w/arEpZC1knHsaqVjxNal20MuBez1BOf7wNq2w9:ZBByYpw1mHsakjWl207yrOf7wN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdd5f57ed46a777142794cf1c5d25402_JaffaCakes118

Files

bdd5f57ed46a777142794cf1c5d25402_JaffaCakes118
.exe windows:6 windows x86 arch:x86

af63aded2dc82d291aefd964672da90a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wrJREHRBVW3.pdb

Imports

rasapi32

RasSetCustomAuthDataW

rpcrt4

RpcServerRegisterAuthInfoW
RpcBindingSetAuthInfoExA
I_RpcSessionStrictContextHandle
UuidToStringW

kernel32

GetLogicalDrives
GetModuleHandleA
FindNextChangeNotification
VirtualProtect
GetFullPathNameW
FindCloseChangeNotification
OpenSemaphoreA
UnlockFileEx
CallNamedPipeW
OutputDebugStringA
GetDefaultCommConfigA
LoadLibraryExW
GetDriveTypeW
GetSystemWow64DirectoryA
CreateSemaphoreA
SetVolumeLabelA
GetConsoleOutputCP
CopyFileA
GetNamedPipeHandleStateA
GetProcessTimes

setupapi

SetupGetMultiSzFieldW
SetupDiBuildClassInfoListExW
SetupDiGetClassInstallParamsA
SetupQueueCopyIndirectW
SetupIterateCabinetW
SetupInstallFilesFromInfSectionW
SetupGetLineTextA

oleaut32

VarCyFromI4
SafeArrayLock
CreateTypeLi

imm32

ImmSetCompositionWindow

winmm

PlaySoundW
mixerGetControlDetailsW

urlmon

CoInternetCreateZoneManager

esent

JetCommitTransaction

msacm32

acmDriverEnum

winscard

SCardTransmit

opengl32

glMapGrid1f

msvfw32

ICCompressorFree

ole32

CoGetObject

wininet

FtpOpenFileA
InternetTimeToSystemTime

wintrust

WTHelperGetProvSignerFromChain
CryptCATCDFClose
CryptCATCDFOpen

comdlg32

GetSaveFileNameW

advapi32

SetSecurityAccessMask
CryptSetProvParam
IsWellKnownSid
TreeResetNamedSecurityInfoW
SetSecurityDescriptorSacl
LookupPrivilegeValueW

winspool.drv

EndDocPrinter
DocumentPropertiesW
GetPrinterW

shlwapi

SHIsLowMemoryMachine
SHCopyKeyW
StrCpyW
PathFindNextComponentW
PathIsRootW
StrToIntExW
PathRemoveExtensionW
StrToInt64ExA

gdi32

EnumFontsA
GetColorAdjustment
ScaleViewportExtEx
GetViewportExtEx
GetEnhMetaFilePaletteEntries
EndPage
CreateSolidBrush
CreateMetaFileA
GetPath
GetPaletteEntries

msvcrt

realloc
ungetc
fputwc
fprintf

user32

MonitorFromPoint
ModifyMenuA
SetMenuInfo
wsprintfA
DrawTextW
GetUpdateRgn
SystemParametersInfoA
PeekMessageW
IsClipboardFormatAvailable
TranslateAcceleratorA
TrackPopupMenuEx

powrprof

EnumPwrSchemes
WriteGlobalPwrPolicy

secur32

QuerySecurityPackageInfoW

ws2_32

listen

Sections

.text
Size: 196KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af63aded2dc82d291aefd964672da90a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

rasapi32

rpcrt4

kernel32

setupapi

oleaut32

imm32

winmm

urlmon

esent

msacm32

winscard

opengl32

msvfw32

ole32

wininet

wintrust

comdlg32

advapi32

winspool.drv

shlwapi

gdi32

msvcrt

user32

powrprof

secur32

ws2_32

Sections

.text Size: 196KB - Virtual size: 197KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 984B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 196KB - Virtual size: 197KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 984B

.reloc
Size: 8KB - Virtual size: 4KB