db5fea11805adc70d1100bb7257a5755_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db5fea11805adc70d1100bb7257a5755_JaffaCakes118
Size

232KB
MD5

db5fea11805adc70d1100bb7257a5755
SHA1

13bb200631964d1b83ab06fae8cf5ea7f863d674
SHA256

7d9b3ff900a3b0c4d64eb37ce3d0a2d7010b8335e9c83d8973161d8f7192a5e6
SHA512

1ce240547c0a889ba733d923d1aae0ba7f9ffcd1f5aa208739cfd94881c1d074eea94c5faf51995453d404b39fc8ceeabe78980e4b688a62d813d8b506c7cc26
SSDEEP

6144:BeTN0YfBbL5hW3NwCNsU3zFbNsYCV0B0sD+tcu1/RbN:BUN0YZbLG33sU3Ns06u+i+b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db5fea11805adc70d1100bb7257a5755_JaffaCakes118

Files

db5fea11805adc70d1100bb7257a5755_JaffaCakes118
.exe windows:7 windows x86 arch:x86

68621f982886da7c3df5b699efe70c89

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

pdh

PdhParseCounterPathA
PdhEnumMachinesW
PdhConnectMachineA
PdhGetDataSourceTimeRangeW
PdhEnumObjectItemsW
PdhVbGetLogFileSize
PdhGetCounterInfoA
PdhExpandWildCardPathHA
PdhSelectDataSourceA
PdhEnumObjectsHW
PdhEnumObjectItemsA
PdhSetQueryTimeRange
PdhCalculateCounterFromRawValue
PdhVbOpenLog
PdhEnumMachinesHW
PdhGetLogFileTypeA
PdhEnumObjectsW
PdhGetLogFileSize
PdhVbGetCounterPathFromList
PdhGetDataSourceTimeRangeA
PdhOpenQueryA
PdhCollectQueryDataEx
PdhTranslateLocaleCounterW
PdhLookupPerfNameByIndexA

crtdll

_mbscat
freopen
_amsg_exit
floor
_getdcwd
_cscanf
_local_unwind2
_dup2
_baseminor_dll
_CIlog
_stricmp
_mbstok
getc
_mbsrchr
_purecall
_mbsset
_finite
_rotr
_beginthread
wcstombs
isdigit
difftime
_execl
_mbsicmp
_strncnt
_mbccpy
sscanf
_getch
_mbcjistojms
_mbsnbcnt
log10
_lrotr
__toascii
fwrite
_fileno
_mktemp
_findnext
_strinc
_ftol
_mbscpy
_spawnlpe
_ismbbtrail
ferror
iswcntrl
vfwprintf
_mbsnbcmp
__iscsym
wcsftime
_control87
asin
_ismbslead
_searchenv
getchar
toupper
wcscpy
_fputwchar
strrchr
_heapset
wcscmp
iswalpha
iscntrl
vswprintf
_copysign
_strupr
_strninc
_ismbbgraph
_baseversion_dll
bsearch
_ismbcupper
is_wctype
_mbctolower
_commode_dll
_CIcos
setvbuf
_mbctombb

kernel32

GetPriorityClass
SystemTimeToTzSpecificLocalTime
HeapFree
SetPriorityClass
SetUnhandledExceptionFilter
EraseTape
SetFileAttributesW
GetCompressedFileSizeW
SetFileShortNameW
VirtualFree
GetVersionExW
LockFile
GetLastError
MultiByteToWideChar
CreateSemaphoreW
GetPrivateProfileStringW
CreateThread
LoadLibraryA
LocalFree
Sleep
SetFileTime
GetFileSize
CreateProcessW
VirtualAlloc
GetVersionExW
FileTimeToSystemTime
LocalAlloc
FindFirstVolumeMountPointW
GetSystemTime
CloseHandle
SetLastError

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68621f982886da7c3df5b699efe70c89

Headers

DLL Characteristics

File Characteristics

Imports

pdh

crtdll

kernel32

Sections

.text Size: 76KB - Virtual size: 76KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 136KB - Virtual size: 740KB

.text
Size: 76KB - Virtual size: 76KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 136KB - Virtual size: 740KB