d0ef829e2baf5b9cc768aee7c741a4ba_JaffaCakes118

General

Target

d0ef829e2baf5b9cc768aee7c741a4ba_JaffaCakes118
Size

852KB
MD5

d0ef829e2baf5b9cc768aee7c741a4ba
SHA1

ee7fc90d8c30b4ee18c57abc59d7f6100bb68ed0
SHA256

be61b4cc8ffc17985f08b4c0a6016a7966fc17eb533f8a039e1c120e2294823f
SHA512

617ab2534ebec2da6e5ca28f6238dabb0cb857b14213f56e5bb89b5b374b99aef24d89d3228d429f6021febaa71b565df4392eba398b2401d36d16555ac6aef2
SSDEEP

24576:3iVkGI5tjrHTQULr8d+DEIhuEAGINHLt3qo10OLHjKLYJz:3bGI5tjrHPsVLt3qoJLHfJz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0ef829e2baf5b9cc768aee7c741a4ba_JaffaCakes118

Files

d0ef829e2baf5b9cc768aee7c741a4ba_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e5fe6926bf3cb97582a872ef9e49162b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarCyCmpR8
VarUI1FromR8
VarI2FromR8
VarDecFromUI2
VarUI4FromDisp
VarR8FromI8
VarUI2FromStr
VarUI4FromUI2
VarCyNeg
VarI4FromI8
VariantCopy
VarCyFromR8
LPSAFEARRAY_Size
VarI2FromDate
VarBoolFromCy
SysReAllocStringLen

kernel32

GetPrivateProfileStringA
SwitchToThread
GlobalHandle
DeleteFileW
GetTapeParameters
GetComputerNameW
ExitProcess
IsBadHugeReadPtr
GetDiskFreeSpaceExA
BackupWrite
SetConsoleTitleW
EraseTape
GetCommMask
GetModuleHandleA
EnumTimeFormatsA
SetMailslotInfo
VirtualAlloc
GetThreadPriorityBoost
LoadLibraryA
OpenSemaphoreA
_lopen
FindFirstVolumeMountPointW
ConsoleMenuControl
GetProcAddress
OpenJobObjectW
SetHandleContext
LZCloseFile
SetComputerNameA
OpenConsoleW
EnumSystemLanguageGroupsW
GetFileAttributesW
DeleteFiber
AreFileApisANSI
FoldStringW
InitializeSListHead
DeleteFileA
GetCommConfig
GetMailslotInfo
PulseEvent
CancelWaitableTimer
GetEnvironmentStringsW
GlobalReAlloc
RtlUnwind
WriteConsoleOutputW
GetFileInformationByHandle

aclui

IID_ISecurityInformation
CreateSecurityPage
EditSecurity

Sections

.text
Size: 745KB - Virtual size: 745KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5fe6926bf3cb97582a872ef9e49162b

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

kernel32

aclui

Sections

.text Size: 745KB - Virtual size: 745KB

.rdata Size: 99KB - Virtual size: 99KB

.data Size: 3KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 745KB - Virtual size: 745KB

.rdata
Size: 99KB - Virtual size: 99KB

.data
Size: 3KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB