c21a1e3228ec4dc1926a9db4ea337d6f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c21a1e3228ec4dc1926a9db4ea337d6f_JaffaCakes118
Size

85KB
MD5

c21a1e3228ec4dc1926a9db4ea337d6f
SHA1

608b2068c36a44805d4ddc79a643f8267981c154
SHA256

9a268e9b5c294816f6eb23aeda552db535f016c921d7bd49c6a29ece85ad3052
SHA512

6f08a0f939dbe8fe47b668444aa9981a4f4d75e50f26dd768ba91039c9f54a2c12caa36b38f4d5eaeaa52c3aff44deca5a02822d768c92775fb405d3cc47cbd1
SSDEEP

1536:gWeDqFmeynGaXFWMWtUg+jidXtPfw7bYk0HzCo0CpMinqMclSXAMhihbaoEO6ZZa:feDqFm7GCpWVXtPI4rH7A91Na4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c21a1e3228ec4dc1926a9db4ea337d6f_JaffaCakes118

Files

c21a1e3228ec4dc1926a9db4ea337d6f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

94dfd7985e0602423fd27d84697ffff5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

pSetupStringTableDestroy
SetupCopyOEMInfW
pSetupStringTableLookUpString
pSetupGetCurrentDriverSigningPolicy
SetupCommitFileQueueA
CM_Remove_SubTree
SetupQueueCopyIndirectW
pSetupEnablePrivilege
CM_Register_Device_Driver_Ex
pSetupHandleFailedVerification
pSetupAddMiniIconToList
SetupAddToDiskSpaceListW
SetupDiCreateDeviceInterfaceRegKeyW
CM_Get_Parent
SetupInstallFromInfSectionW
pSetupGetFileTitle
CM_Get_Device_ID_List_ExA
pSetupInstallCatalog
CM_Register_Device_Interface_ExW
CM_Query_And_Remove_SubTree_ExA
CMP_GetServerSideDeviceInstallFlags
SetupDiClassNameFromGuidExW
SetupGetSourceInfoW
SetupAddInstallSectionToDiskSpaceListA
SetupDiCreateDeviceInfoList
SetupPrepareQueueForRestoreW
SetupSetSourceListA
SetupDiGetDeviceInfoListClass
CM_Get_Hardware_Profile_InfoA
SetupDiGetDeviceInstallParamsA

kernel32

GetDateFormatW
GetTickCount
OpenFile
SetVolumeMountPointW
GetSystemWow64DirectoryW
VirtualAlloc
LoadLibraryA
QueryPerformanceCounter
SetLocalTime
GetCurrentThreadId
IsBadHugeWritePtr
MapViewOfFileEx
GetProcAddress
DeleteFileW
GetComputerNameW
GetPrivateProfileSectionNamesW
EnumResourceTypesW
CreateThread
GetSystemTimeAsFileTime
HeapCreate
GetModuleHandleW
GetCurrentProcessId
GetThreadPriority
GlobalGetAtomNameA

msvcrt40

strcat
_adj_fdivr_m16i
??6ostream@@QAEAAV0@D@Z
??_Estrstreambuf@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
?rdbuf@strstream@@QBEPAVstrstreambuf@@XZ
??0ios@@IAE@XZ
??4ifstream@@QAEAAV0@ABV0@@Z
sprintf
?get@istream@@IAEAAV1@PADHH@Z
fseek
??0ifstream@@QAE@PBDHH@Z
??4ostream_withassign@@QAEAAVostream@@PAVstreambuf@@@Z
_mkdir
_endthreadex
_umask
?setbuf@filebuf@@UAEPAVstreambuf@@PADH@Z
?x_curindex@ios@@0HA

ir41_qc

AllocInstanceData
Compress
CompressEnd
SetScalability
CompressBegin
CompressFramesInfo
DllMain
FreeInstanceData

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94dfd7985e0602423fd27d84697ffff5

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

msvcrt40

ir41_qc

Sections

.text Size: 33KB - Virtual size: 32KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 17KB - Virtual size: 60KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 372B

.text
Size: 33KB - Virtual size: 32KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 17KB - Virtual size: 60KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 372B