bfd75291669b58f9f56b004ca498c6a9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bfd75291669b58f9f56b004ca498c6a9_JaffaCakes118
Size

66KB
MD5

bfd75291669b58f9f56b004ca498c6a9
SHA1

b72c904bf01259073c1135eb805c40c524fe9872
SHA256

72b92e1905cb966ef34d3345d937e8d8e198195e159deb22c6d77ee4a6598bd2
SHA512

1ec330bcfc67fd00959a1f846982e38c80a3d294f9514e2e44870c583534bbcb4972eb0695a419cbacc9fc1f0ad44f7dc531240eb8e78b67007a5d49bc8ccc69
SSDEEP

1536:UX5qppAo1+FG8UvGhzfrGYimRe4U/YDbl+ydVyXMEFZdOP:UXoadUe9fRDbU/YDh+4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfd75291669b58f9f56b004ca498c6a9_JaffaCakes118

Files

bfd75291669b58f9f56b004ca498c6a9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cba5159f6cf50f59c52d8c9277ffd912

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetProcAddress
CreateMutexA
BindIoCompletionCallback
GetTickCount
CreateProcessInternalA
LoadLibraryA
IsBadReadPtr
LoadLibraryW
TerminateThread
GetCurrentProcessId
VirtualAlloc
lstrcpy
SetPriorityClass
GetNumaAvailableMemoryNode
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetProfileSectionW
SetLocalPrimaryComputerNameW
GetCurrentThreadId
GetComputerNameExA
GetStartupInfoA
GetModuleHandleW

mprddm

DDMConnectInterface
IfObjectNotifyOfReachabilityChange
DDMAdminConnectionGetInfo
RasAcctProviderFreeAttributes
RasAcctConfigChangeNotification
DDMRegisterConnectionNotification
DDMGetIdentityAttributes
IfObjectInitiatePersistentConnections
RasAuthProviderTerminate
DDMAdminPortGetInfo
DDMAdminInterfaceDisconnect
RasAuthProviderAuthenticateUser
DDMSendUserMessage
RasAcctProviderStartAccounting
RasAcctProviderInitialize
RasAuthProviderInitialize
RasAcctProviderStopAccounting
DDMDisconnectInterface
DDMAdminServerGetInfo
DDMTransportCreate

rsaenh

CPDeriveKey
CPGetProvParam
CPSetProvParam
DllRegisterServer
CPReleaseContext
CPDestroyHash
CPCreateHash
CPSetKeyParam
CPDestroyKey
CPImportKey
CPSetHashParam
CPHashSessionKey
CPDuplicateHash
CPGenRandom
CPDuplicateKey
CPGetHashParam
CPAcquireContext
CPGetKeyParam
DllUnregisterServer
CPVerifySignature

msi

MsiGetProductInfoFromScriptA
MsiGetFileVersionW
MsiSourceListForceResolutionA
MsiVerifyPackageA
MsiGetSummaryInformationW
MsiCreateTransformSummaryInfoW
MsiAdvertiseProductExW
MsiGetActiveDatabase
MsiSummaryInfoSetPropertyW
MsiGetFileHashA
MsiSummaryInfoGetPropertyA

certcli

CAFreeCAProperty
CAEnumCertTypesForCA
CAFreeCertTypeProperty
CAUpdateCA
CAGetCertTypeProperty
CASetCertTypeFlags
CAGetCertTypeExtensions
CACountCertTypes
CASetCertTypeExtension
CASetCertTypeProperty
CACloneCertType
CASetCACertificate
CASetCAFlags
DllInstall
CACountCAs
CAEnumNextCA
CAFindByName
CACertTypeUnregisterQuery
CAOIDGetProperty
CACloseCertType

ir50_qcx

DllMain
CompressEnd
CompressFramesInfo
FreeInstanceData
CompressQuery
SetCPUID
CompressBegin
SetScalability
AllocInstanceData
Compress

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cba5159f6cf50f59c52d8c9277ffd912

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mprddm

rsaenh

msi

certcli

ir50_qcx

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 10KB - Virtual size: 89KB

.rsrc Size: 21KB - Virtual size: 20KB

.reloc Size: 1024B - Virtual size: 540B

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 10KB - Virtual size: 89KB

.rsrc
Size: 21KB - Virtual size: 20KB

.reloc
Size: 1024B - Virtual size: 540B