d3bc72dcfb65a3babc7ed46f7b898d48_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d3bc72dcfb65a3babc7ed46f7b898d48_JaffaCakes118
Size

85KB
MD5

d3bc72dcfb65a3babc7ed46f7b898d48
SHA1

4ace7eae3225310d846df63d428ff47cfeefaa91
SHA256

9a1ef4fd48289293ff54599694cf3ea6103faddabca158f09e12d49802f7ddb2
SHA512

0b1cebd9bb985d7ebc694270029f594e81b25dbdc47755639a88873a14ebe435b7cd2e7aec27a9015f237a38b201cb71aa4f45b99e9bf14c80615365aacc800f
SSDEEP

1536:O7KluwstP2MsllVl7JOQRv4spwV2QgnmmF7BhC7TQnNG6HUN1A3oi5JlY:tuVtO7lX7JOQRgs+V2hrBBckNQ1glY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3bc72dcfb65a3babc7ed46f7b898d48_JaffaCakes118

Files

d3bc72dcfb65a3babc7ed46f7b898d48_JaffaCakes118
.exe windows:5 windows x86 arch:x86

86c4a59467697ca1602f77a81f89e099

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcirt

?sync@istream@@QAEHXZ
??0stdiobuf@@QAE@PAU_iobuf@@@Z
?fd@ofstream@@QBEHXZ
??0stdiostream@@QAE@ABV0@@Z
??_Gistrstream@@UAEPAXI@Z
??_Eostream@@UAEPAXI@Z
?sync@stdiobuf@@UAEHXZ
??6ostream@@QAEAAV0@K@Z
?cerr@@3Vostream_withassign@@A
?width@ios@@QAEHH@Z
??0strstreambuf@@QAE@H@Z
?attach@ofstream@@QAEXH@Z
??5istream@@QAEAAV0@AAE@Z
??_7filebuf@@6B@
??_Eofstream@@UAEPAXI@Z
?fd@filebuf@@QBEHXZ
??0istream_withassign@@QAE@PAVstreambuf@@@Z
??_8ostream@@7B@
??0exception@@QAE@XZ
??6ostream@@QAEAAV0@H@Z
??0ios@@IAE@ABV0@@Z
??_8fstream@@7Bostream@@@
?read@istream@@QAEAAV1@PACH@Z
?cout@@3Vostream_withassign@@A

kernel32

QueryPerformanceCounter
lstrlenW
GetStartupInfoA
CreateProcessW
GetCurrentProcessId
GetCurrentThreadId
SetThreadPriorityBoost
GetDiskFreeSpaceA
GetNativeSystemInfo
GetLastError
LoadLibraryExW
CreateThread
LoadLibraryA
HeapCreate
GetFirmwareEnvironmentVariableW
CopyFileA
SetConsoleLocalEUDC
BeginUpdateResourceW
GetHandleInformation
LocalFileTimeToFileTime
GetCalendarInfoA
CreateSemaphoreA
GetSystemTimeAsFileTime
GetTickCount
LoadModule
WaitForSingleObject
GetConsoleProcessList
GetVersionExA
VirtualAlloc
DefineDosDeviceW

cscdll

CSCUnpinFileW
CSCFindNextFileW
CSCEnumForStatsW
CSCDoEnableDisable
CSCFindFirstFileForSidW
CSCEnumForStatsExW
CSCTransitionServerOnlineW
CSCDeleteW
CSCPinFileW
CSCQueryFileStatusW
CSCIsCSCEnabled
CSCFindFirstFileW
CSCSetMaxSpace
CSCIsServerOfflineW
CSCFindClose

iphlpapi

GetIpForwardTable
DeleteIPAddress
InternalCreateIpForwardEntry
do_echo_req
GetUniDirectionalAdapterInfo
CreateIpNetEntry
IcmpSendEcho2
GetNetworkParams
GetTcpStatistics
SetTcpEntry
NhGetInterfaceNameFromGuid
GetAdapterOrderMap

user32

IMPGetIMEW
CheckDlgButton
GetClipboardData
CharPrevExA
SetCursorContents
DdeSetQualityOfService
GetMessageTime
GetWindowTextLengthA
SendNotifyMessageA
MessageBeep
ScrollWindowEx
SwitchDesktop
DrawEdge
MapDialogRect
SendIMEMessageExA
SetInternalWindowPos
SetClassWord
BroadcastSystemMessageExA
DefWindowProcW
PrivateExtractIconExA
CallMsgFilterA
GetProgmanWindow

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86c4a59467697ca1602f77a81f89e099

Headers

DLL Characteristics

File Characteristics

Imports

msvcirt

kernel32

cscdll

iphlpapi

user32

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 17KB - Virtual size: 80KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 276B

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 17KB - Virtual size: 80KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 276B