d488157dab6161dbee6f8850dcff6a1a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d488157dab6161dbee6f8850dcff6a1a_JaffaCakes118
Size

310KB
MD5

d488157dab6161dbee6f8850dcff6a1a
SHA1

00c23c79138bc99bf414bafd40a5b2a4e6d0d0f5
SHA256

512bbfdfd4c4a997ecd927f30c85cc8b3a6f3d9127d13a09e015336fdaba0126
SHA512

5a88203dde8835583c52fb60cc78d1fbb0be08f11ded80e7b089ccdd15c98eb091ae85d9360e8808aa3b58d3359f66b962f10215fdf401a26a09988cbc322372
SSDEEP

6144:ap6SDVPErcDtWK355mqn2zTR3NwXy6bkx5Ius/HcsCn6NkBU:ap1DurW4KPn+RdMbMfic1BU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d488157dab6161dbee6f8850dcff6a1a_JaffaCakes118

Files

d488157dab6161dbee6f8850dcff6a1a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ca948cba1a665dcbc6f8f38c6cf38a7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

query

??1CDynStream@@QAE@XZ
?CiNtOpen@@YGPAXPBGKKK@Z
?GetEntryBuffer@CGenericCiProxy@@QAEPAEAAK@Z
?AcceptCommand@CQueryScanner@@QAEXXZ
?OpenRecordForWrites@CPropStoreManager@@QAEPAVCCompositePropRecordForWrites@@KPAE@Z
?Clone@CRestriction@@QBEPAV1@XZ
??0CFilterDaemon@@QAE@AAVCiProxy@@AAVCCiFrameworkParams@@AAVCLangList@@PAEKPAUICiCFilterClient@@@Z
?QueryInterface@CEmptyPropertyList@@UAGJABU_GUID@@PAPAX@Z
?GetUShort@CMemDeSerStream@@UAEGXZ
??1CFileMapView@@QAE@XZ

msvcp60

?pbackfail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEGG@Z
?infinity@?$numeric_limits@D@std@@SADXZ
?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
?_Init@?$codecvt@GDH@std@@IAEXABV_Locinfo@2@@Z
??_7out_of_range@std@@6B@
?_Infv@?$_Ctr@O@std@@SAOO@Z
?pbase@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Hstd@@YA?AV?$complex@M@0@ABV10@ABM@Z
??_7bad_cast@std@@6B@
??X?$_Complex_base@M@std@@QAEAAV01@ABM@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z

wship6

WSHGetWildcardSockaddr
WSHOpenSocket2
WSHGetWSAProtocolInfo
WSHGetSockaddrType
WSHOpenSocket
WSHIoctl
WSHStringToAddress
WSHGetProviderGuid
WSHSetSocketInformation
WSHGetWinsockMapping
WSHGetSocketInformation
WSHNotify
WSHAddressToString
WSHJoinLeaf
WSHEnumProtocols

mfcsubs

?AssignCopy@CString@@IAEXHPBG@Z
??M@YG_NABVCString@@PBG@Z
??8@YG_NABVCString@@0@Z
?IsEmpty@CString@@QBEHXZ
?GetData@CString@@IBEPAUCStringData@@XZ
?FreeDataChain@CPlex@@QAEXXZ
??ACString@@QBEGH@Z
?Empty@CString@@QAEXXZ
?SpanIncluding@CString@@QBE?AV1@PBG@Z
?AfxExtractSubString@@YGHAAVCString@@PBGHG@Z
??0CObject@@IAE@XZ
?GetAllocLength@CString@@QBEHXZ
?GetData@CStringArray@@QBEPBVCString@@XZ

kernel32

WritePrivateProfileStringW
GetConsoleAliasExesLengthW
CallNamedPipeA
PostQueuedCompletionStatus
GetCurrentThreadId
GetLogicalDriveStringsA
FindResourceW
LoadLibraryA
VirtualAlloc
GetModuleHandleW
AddConsoleAliasA
GetSystemTimeAsFileTime
EnumDateFormatsW
GetConsoleCommandHistoryLengthA
GetProcAddress
GetComPlusPackageInstallStatus

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 119KB - Virtual size: 493KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca948cba1a665dcbc6f8f38c6cf38a7a

Headers

File Characteristics

Imports

query

msvcp60

wship6

mfcsubs

kernel32

Sections

.text Size: 141KB - Virtual size: 140KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 119KB - Virtual size: 493KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 141KB - Virtual size: 140KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 119KB - Virtual size: 493KB

.rsrc
Size: 11KB - Virtual size: 11KB