Static task: static1
Behavioral task: behavioral1 (Sample: d714bd0a84281b642abbf65726ab68d8_JaffaCakes118.exe, Resource: win7-20240903-en)
Behavioral task: behavioral2 (Sample: d714bd0a84281b642abbf65726ab68d8_JaffaCakes118.exe, Resource: win10v2004-20240802-en)
General
Target: d714bd0a84281b642abbf65726ab68d8_JaffaCakes118
Size: 92KB
MD5: d714bd0a84281b642abbf65726ab68d8
SHA1: e273763800045a0009ff147407055c61b7bc8b5d
SHA256: 78b22410d8b1e8e6a5dc868661a16a21cae8f10eab4aeb6a47341978eebb083b
SHA512: ab447176cb11917d23e80c54236a0348987488fd40631a5c129be942217dbf9299973060b653fab59873b6d0fa4fd774d04c56e8934a1705bf211ee6c5031187
SSDEEP: 1536:1YVndESzo163pvlaqH44qOUtsW3nwtZI+6qx6FLA+yh8ERUH1TZw5O4xsTkSy:GFumZdaEKj3nn+6qKLA+yHmy
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource d714bd0a84281b642abbf65726ab68d8_JaffaCakes118
Files
d714bd0a84281b642abbf65726ab68d8_JaffaCakes118.exe windows:5 windows x86 arch:x86
9dd234d6735687aef39b2aa29841948c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateConsoleScreenBuffer
GetStringTypeW
OpenFileMappingA
CommConfigDialogA
LeaveCriticalSection
GetBinaryTypeA
SetMessageWaitingIndicator
GetExitCodeProcess
VirtualAlloc
GetEnvironmentStrings
UpdateResourceW
GlobalLock
GetNamedPipeInfo
GetDefaultCommConfigW
GetCommandLineA
DeleteVolumeMountPointA
LoadLibraryA
OpenProcess
msvcrt40
__getmainargs
_wcsdup
_longjmpex
fgetpos
isprint
?getline@istream@@QAEAAV1@PADHD@Z
?sputc@streambuf@@QAEHH@Z
??_Giostream@@UAEPAXI@Z
??0bad_typeid@@QAE@PBD@Z
_mbsnbcnt
??3@YAXPAX@Z
?sgetn@streambuf@@QAEHPADH@Z
?oct@@YAAAVios@@AAV1@@Z
__p___initenv
_ismbbgraph
_mbsnbicoll
??_7strstream@@6B@
_outpw
??_Efstream@@UAEPAXI@Z
??_Distream@@QAEXXZ
??0istream_withassign@@QAE@XZ
?eatwhite@istream@@QAEXXZ
?pbackfail@streambuf@@UAEHH@Z
??_Eostream@@UAEPAXI@Z
?gbump@streambuf@@IAEXH@Z
?writepad@ostream@@AAEAAV1@PBD0@Z
_wcsicmp
_spawnl
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
_write
??0ostream_withassign@@QAE@XZ
_wmakepath
??4Iostream_init@@QAEAAV0@ABV0@@Z
_strnset
_ismbcsymbol
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_CIcosh
??_Gios@@UAEPAXI@Z
?dec@@YAAAVios@@AAV1@@Z
_wspawnv
_chgsign
_CIsinh
??_7istream_withassign@@6B@
??_Estreambuf@@UAEPAXI@Z
iswspace
advapi32
ConvertSidToStringSidW
SetEntriesInAccessListA
TraceMessageVa
GetSidIdentifierAuthority
WmiNotificationRegistrationA
RegEnumKeyA
RegDisablePredefinedCache
CryptDuplicateKey
SystemFunction016
OpenEventLogW
GetTraceEnableFlags
LsaEnumerateAccounts
AdjustTokenGroups
Sections
.text Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 232B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ