d59f912793fe90b92c562f59466d6f05_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d59f912793fe90b92c562f59466d6f05_JaffaCakes118
Size

82KB
MD5

d59f912793fe90b92c562f59466d6f05
SHA1

f0f6e574c6eee1674e15ca2c488b10c27e87e199
SHA256

c176328c8141751cd28068a7fcc31016a014b3c0bcf20bc141b3669563b010a7
SHA512

0ed982463e9ff4e0296e02ef8b59ab84e59c83cdc2a5c0824e4874196c91071f2b087efa604c7ba87a48a8d208da073df2039e12e021edea557ba75d97123d4f
SSDEEP

1536:a7MvKdvdAk7WULdRwK3v+hcVn0ecqKy/h1S+U1TaxLW45kM+P9B:1vwvGSWULTwK3G6Vn0ebx4B2dW4aR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d59f912793fe90b92c562f59466d6f05_JaffaCakes118

Files

d59f912793fe90b92c562f59466d6f05_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2e2841d40a7e526e4fb3739c38ac7829

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt40

setbuf
__p___mb_cur_max
??4istream_withassign@@QAEAAV0@ABV0@@Z
?pbase@streambuf@@IBEPADXZ
?tellp@ostream@@QAEJXZ
??_Dstdiostream@@QAEXXZ
?sputn@streambuf@@QAEHPBDH@Z
wcschr
?seekoff@stdiobuf@@UAEJJW4seek_dir@ios@@H@Z
tmpfile
__set_app_type
_wfsopen
??4ostrstream@@QAEAAV0@ABV0@@Z
_strupr
??0strstream@@QAE@PADHH@Z
?setmode@filebuf@@QAEHH@Z
_setsystime
?is_open@fstream@@QBEHXZ
_wpopen

crypt32

CertEnumCTLsInStore
I_CryptRegisterSmartCardStore
CertDuplicateCTLContext
CryptVerifyMessageHash
CertOpenSystemStoreA
CertFreeCRLContext
CryptEnumOIDFunction
CryptDecryptMessage
CertDuplicateStore
CryptUnprotectData
CertEnumPhysicalStore
CertGetValidUsages
I_CertUpdateStore
CertAddEncodedCertificateToStore
CryptSignAndEncryptMessage

msdtcprx

?CreateInstance@CTmProxyCore@@SGJPAPAV1@PAUIUnknown@@@Z
?InstallDtcClient@@YGJPAGKK@Z
?Create@CNameService@@SGJPAPAV1@@Z
DTC_XaRollback
DllGetDTCConnectionManager
?GetDtcLogPath@@YGHKPAG@Z
DTC_XaStart
DTC_XaEnd
DTC_XaOpen
ContactToNameObject

msvcp60

_FSnan
??4?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEAAV01@ABV01@@Z
?_Init@?$messages@G@std@@IAEXABV_Locinfo@2@@Z
??_F?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXXZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??_F?$moneypunct@D$00@std@@QAEXXZ
??_0?$_Complex_base@O@std@@QAEAAV01@ABO@Z
?assign@?$char_traits@D@std@@SAXAADABD@Z
?length@?$codecvt@GDH@std@@QBEHAAHPBG1I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
?do_truename@?$numpunct@D@std@@MBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z
??0?$complex@M@std@@QAE@ABV?$complex@O@1@@Z
??_F?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?iword@ios_base@std@@QAEAAJH@Z

kernel32

VirtualAlloc
LoadLibraryA
RequestDeviceWakeup
lstrlenW
FormatMessageA
VerifyVersionInfoA
GetModuleFileNameW
GetUserDefaultLCID
SetCommTimeouts
GetCurrentProcessId
GetConsoleDisplayMode
SetCommState
LocalFlags
GetLongPathNameW
GetSystemTimeAsFileTime
GetConsoleSelectionInfo
GetTickCount
LZOpenFileW
GetDiskFreeSpaceExA
GetCurrentThreadId
CreateFileW
QueryPerformanceCounter
GetModuleHandleW

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e2841d40a7e526e4fb3739c38ac7829

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt40

crypt32

msdtcprx

msvcp60

kernel32

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 19KB - Virtual size: 41KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 328B

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 19KB - Virtual size: 41KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 328B