c7ecfed3b05d2b0bd619dd690470f9f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c7ecfed3b05d2b0bd619dd690470f9f2_JaffaCakes118
Size

83KB
MD5

c7ecfed3b05d2b0bd619dd690470f9f2
SHA1

44abf2cc65a548e2a8e9d24c5cb18b668232440e
SHA256

6b756719fcfcc773c76fbfb45bd57daa7cd46b48b4d631255c3a779bf1475c88
SHA512

13f3e579d0a9a676c2611a4874e8ffd874e3ce9ece9b7d83621236b971e15b38d34cf5c5b59e875f8adeed212b0721676480ce9a8b3de164a589fb8665d4daf4
SSDEEP

1536:tS1ZGotcjgj2bIdY16aeGfdTDQnszmr2l3BpW5NzAAYzuRSIiTodrTxqY:tS1ZCju2Zsae+wnsCcSNz/dgTom

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7ecfed3b05d2b0bd619dd690470f9f2_JaffaCakes118

Files

c7ecfed3b05d2b0bd619dd690470f9f2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

167258ea8ce61f1d9d661dfd1865d18d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempFileNameW
GetModuleHandleW
GetConsoleCommandHistoryA
IsValidLocale
TermsrvAppInstallMode
GetCurrencyFormatW
VerSetConditionMask
LoadLibraryA
GlobalFlags
VirtualAlloc
GetSystemTimeAsFileTime
CreateMailslotW
WritePrivateProfileSectionW
RemoveDirectoryW
EnumTimeFormatsA
VirtualProtectEx
SetCriticalSectionSpinCount
GetPrivateProfileSectionNamesA
GetCurrentThreadId
SetConsoleLocalEUDC
QueryPerformanceCounter
VerLanguageNameW
GetCurrentProcessId
CreateMutexA
GetTickCount
CreateJobObjectW

netapi32

NetAlertRaise
NetReplImportDirDel
NetGroupAdd
I_NetDfsGetVersion
I_NetLogonSamLogoff
DsRoleAbortDownlevelServerUpgrade
NetDfsRemoveFtRootForced
RxNetUserPasswordSet
NetServiceInstall
DsGetDcNextW
NetReplImportDirGetInfo
DsAddressToSiteNamesA
NetUseAdd
I_NetLogonUasLogoff

setupapi

SetupRemoveFileLogEntryA
SetupDiCreateDeviceInterfaceRegKeyA
CM_Delete_DevNode_Key_Ex
SetupGetFileCompressionInfoA
CM_Setup_DevNode_Ex
pSetupAccessRunOnceNodeList
CM_Get_Class_Name_ExA
SetupDiCreateDeviceInfoW
SetupDiBuildClassInfoListExW
CM_Invert_Range_List
SetupQuerySpaceRequiredOnDriveW
CM_Add_IDA
CM_Get_First_Log_Conf_Ex
SetupPromptForDiskW
pSetupOpenAndMapFileForRead
CM_Free_Log_Conf_Handle
SetupDiSetClassInstallParamsA

ws2_32

WSAEventSelect
WSAAddressToStringW
WSAResetEvent
WSCWriteProviderOrder
WSADuplicateSocketA
WSARecvDisconnect
WSAAsyncGetProtoByNumber
WSCEnableNSProvider
htons
WSALookupServiceNextA

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

167258ea8ce61f1d9d661dfd1865d18d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

netapi32

setupapi

ws2_32

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 19KB - Virtual size: 70KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 280B

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 19KB - Virtual size: 70KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 280B