db4010ec7a5a4bdc107a3c624dc173c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db4010ec7a5a4bdc107a3c624dc173c2_JaffaCakes118
Size

241KB
MD5

db4010ec7a5a4bdc107a3c624dc173c2
SHA1

4df14135ebe80538a537ea4c51b1c93640700e00
SHA256

851d38e5365f213992061ce36136efe890da55d6c7d5bb0f261cedf034660678
SHA512

0f186aa550c87843a90d870894d7a46d306245a60e9e63fd9c2b0bbaf0bc537d011642c47a2b40403ba5c724cbd22e37ac01b0e2a6870a0f596a98884678fdd9
SSDEEP

6144:SKyY+BteseiWy35jI4jit7Z0uHF5e/gvMD1o08zHmV:SKZ+jes7WGjCC4S/7OzHc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db4010ec7a5a4bdc107a3c624dc173c2_JaffaCakes118

Files

db4010ec7a5a4bdc107a3c624dc173c2_JaffaCakes118
.exe windows:2 windows x86 arch:x86

1171994044f8547e4f7114b5e9c26ed1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

crtdll

_mbsdec
_j0
__threadhandle
_isnan
_beginthread
atexit
_getdllprocaddr
_close
wcstok
isprint
_popen
localeconv
__GetMainArgs
_ismbblead
_cabs
_fpclass
_wcslwr
_CIacos
_ultoa
_ismbclower
_ltow
strcoll
_snprintf
tmpnam
asin
_wcsdup
_clearfp
_spawnvp
_fcloseall
_strspnp
_findnext
_open_osfhandle
_fputwchar
fgets
_mbctombb
_cscanf
_itoa
sin
_mbsncat
iswpunct
_creat
wcsncmp
_matherr
tan
_mbsspn
wcstol
_mbctolower
_errno
_basemajor_dll
scanf
_mbsnset
_execlp
atof
__threadid
_strninc
_ftime
iswascii
_gcvt
setbuf
_environ_dll
qsort
_chmod
_iob
_wtol
__toascii
_CItanh
strcspn
_strerror
iswcntrl
__fpecode
strftime
strtok
_winminor_dll
_osversion_dll
_fpreset
__argv_dll
__pxcptinfoptrs
vwprintf
_msize
_sys_nerr_dll
_winmajor_dll
mbstowcs
printf
_execlpe
strrchr
_mbsbtype
fopen
_acmdln_dll
_ismbbpunct
_scalb
_setjmp
_ismbcsymbol
ldiv
_makepath
_osver_dll
_fileinfo_dll
_timezone_dll
strlen
floor
_exit
strncmp
towlower
wcscat
_toupper
mblen
_strcmpi
_assert
freopen
_winver_dll
iswlower
fputwc
_write
_ismbbkana
fsetpos
wcsxfrm
_ecvt
_statusfp
wcstombs
iswspace
_strlwr
_searchenv
_fileno
_CIpow
raise
_memccpy
_fpieee_flt
wscanf
fputs
wcscpy

kernel32

GetPriorityClass
UnhandledExceptionFilter
ReleaseSemaphore
VirtualAlloc
TerminateProcess
SetUnhandledExceptionFilter
ReleaseMutex
FileTimeToLocalFileTime
GetDateFormatW
DeleteCriticalSection
FileTimeToSystemTime
LocalAlloc
CreateMutexW
CloseHandle
GetStartupInfoW
GetModuleFileNameW
BackupRead
ExpandEnvironmentStringsW
GetFileSize
LoadLibraryA
LocalFree
LocalFree
GetTapeParameters
GetTickCount
CreateSemaphoreW
LockResource
SetFileTime
DeviceIoControl
VirtualFree
CreateProcessW
GetVersionExW
SetPriorityClass
FindVolumeMountPointClose
GetSystemDirectoryW
SetFileShortNameW
GetFileAttributesW
GetCurrentThreadId
GetCurrentThread
SetErrorMode
BackupWrite
VerSetConditionMask
FormatMessageW
Sleep

pdh

PdhCloseLog
PdhParseCounterPathA
PdhParseInstanceNameW
PdhCreateSQLTablesW
PdhTranslateLocaleCounterW
PdhAdd009CounterW
PdhVbGetOneCounterPath
PdhUpdateLogA
PdhGetDllVersion
PdhReadRawLogRecord
PdhGetCounterInfoW
PdhTranslateLocaleCounterA
PdhMakeCounterPathW
PdhVbGetCounterPathElements
PdhOpenQueryW
PdhGetDefaultPerfObjectHA
PdhGetDataSourceTimeRangeW
PdhConnectMachineW
PdhEnumMachinesW
PdhRelogA
PdhConnectMachineA
PdhGetDefaultPerfCounterHA
PdhCalculateCounterFromRawValue
PdhEnumObjectsW
PdhAdd009CounterA
PdhGetDefaultPerfCounterHW
PdhComputeCounterStatistics
PdhCollectQueryDataEx
PdhBrowseCountersHA
PdhGetFormattedCounterArrayA
PdhParseInstanceNameA

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 712KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1171994044f8547e4f7114b5e9c26ed1

Headers

DLL Characteristics

File Characteristics

Imports

crtdll

kernel32

pdh

Sections

.text Size: 71KB - Virtual size: 71KB

.data Size: 25KB - Virtual size: 25KB

.rsrc Size: 143KB - Virtual size: 712KB

.text
Size: 71KB - Virtual size: 71KB

.data
Size: 25KB - Virtual size: 25KB

.rsrc
Size: 143KB - Virtual size: 712KB