c77e5edff66ccdab6db50540ff556fc2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c77e5edff66ccdab6db50540ff556fc2_JaffaCakes118
Size

609KB
MD5

c77e5edff66ccdab6db50540ff556fc2
SHA1

a06031ce6329d7d7b7446643c024cdffd0fd4ab5
SHA256

a73fa68361d42b5acfe0bda99bc4d872267ad6c2054f0a93df9bfe7b9cca58dd
SHA512

8c143fbc4fe62574143ac303e5e6b33cd68916ff8d10cb2894308fcbe0d2c2a795fb33e36b51147a69b8cf20b4c8b5fc384d0ee28484afc4abb7cbb20947e4ff
SSDEEP

12288:Qyh5HXiZkNdgHfLCCrZZN+Ya8gFEPix+JvkhuzSQ0iJfx6Fk:QgS2SfLlrZZN+/SPY+JvkhuzSQ0ofWk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c77e5edff66ccdab6db50540ff556fc2_JaffaCakes118

Files

c77e5edff66ccdab6db50540ff556fc2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cd809506029303b7426d74c5600cee23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

msoert2

AppendTempFileList

dhcpsapi

DhcpAuditLogSetParams
DhcpCreateClass
DhcpCreateClientInfo
DhcpCreateClientInfoV4
DhcpCreateOption
DhcpCreateOptionV5
DhcpCreateSubnet
DhcpDeleteClass
DhcpDeleteClientInfo
DhcpDeleteMClientInfo
DhcpDeleteMScope
DhcpDeleteServer
DhcpDeleteSubnet
DhcpDeleteSuperScopeV4
DhcpDsCleanup
DhcpDsClearHostServerEntries
DhcpDsInit
DhcpEnumClasses
DhcpEnumMScopeClients
DhcpEnumMScopeElements
DhcpEnumMScopes
DhcpEnumOptionValues
DhcpEnumOptionValuesV5
DhcpEnumOptions
DhcpEnumOptionsV5
DhcpEnumServers
DhcpEnumSubnetClients
DhcpEnumSubnetClientsV4
DhcpEnumSubnetClientsV5
DhcpEnumSubnetElements
DhcpEnumSubnetElementsV4

kernel32

AllocConsole
CreateFileA
GetWindowsDirectoryA
AllocConsole
AttachConsole
AllocConsole
GetPrivateProfileStringA
IsBadWritePtr
GetCommandLineW

lz32

LZRead

mscat32

CryptCATCDFOpen
CryptCATCatalogInfoFromContext
CryptCATClose
CryptCATEnumerateAttr
CryptCATEnumerateCatAttr
CryptCATEnumerateMember
CryptCATGetAttrInfo
CryptCATGetCatAttrInfo
CryptCATGetMemberInfo
CryptCATHandleFromStore
CryptCATOpen
CryptCATPersistStore
CryptCATPutAttrInfo
CryptCATPutCatAttrInfo
CryptCATPutMemberInfo
CryptCATStoreFromHandle
CryptCATVerifyMember

advpack

AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry
AddDelBackupEntry

Sections

.text
Size: 30KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 266KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 552KB - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cd809506029303b7426d74c5600cee23

Headers

File Characteristics

Imports

msoert2

dhcpsapi

kernel32

lz32

mscat32

advpack

Sections

.text Size: 30KB - Virtual size: 35KB

.data Size: 13KB - Virtual size: 266KB

.rsrc Size: 552KB - Virtual size: 556KB

.text
Size: 30KB - Virtual size: 35KB

.data
Size: 13KB - Virtual size: 266KB

.rsrc
Size: 552KB - Virtual size: 556KB