dd221b74cb3af2878aaeeba81249487b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dd221b74cb3af2878aaeeba81249487b_JaffaCakes118
Size

42KB
MD5

dd221b74cb3af2878aaeeba81249487b
SHA1

9970cd18c972652dca91c6215901cff4c0717593
SHA256

2e2601f37af69e21d59c7e251da1cc440e090392f806c8c37dbaad11e9edbdcf
SHA512

09bac093add68339bc330ffeb12244ee0daa07af5564a20314a0a21c4399e60463fe66b59c1ece9143aa16ebaad7a33df229e8ffdfc15d83ecd0c7d76fea8335
SSDEEP

768:cRAQNER+Cb9Yn/qCDlJWExxXujVhTHxELpKoOyjx0vNrEuOl1C:cRAjU1ll/DXsrTHXoOy0vNrem

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd221b74cb3af2878aaeeba81249487b_JaffaCakes118

Files

dd221b74cb3af2878aaeeba81249487b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e0a85b6c91746d1b5d0b2c7de4483c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

samlib

SamConnectWithCreds
SamRemoveMultipleMembersFromAlias
SamTestPrivateFunctionsUser
SamiEncryptPasswords

msi

MsiDatabaseCommit
MsiConfigureFeatureW
MsiAdvertiseProductW

ddraw

DirectDrawEnumerateA

user32

CallMsgFilterA

kernel32

GetVersionExA
GlobalDeleteAtom
SetFileAttributesA
GetLocaleInfoA
GetModuleHandleA
GetTimeZoneInformation
GetCurrentProcessId
DuplicateHandle
SetLastError
GetProfileStringA
SetErrorMode
InitializeCriticalSection
ExitThread
GetStringTypeW
UnlockFile
LoadLibraryA
SetEnvironmentVariableA
CreateProcessA
DeleteCriticalSection
GetSystemDefaultLCID
IsBadCodePtr
GlobalFree
HeapSize
FindResourceA
GetDriveTypeA
FindClose
VirtualProtect
SetFilePointer
ReadFile
GetTempPathA
WriteFile
SetFileTime
MulDiv
ExitProcess
GetStdHandle
GetVersion
GetFullPathNameA
CompareStringW
VirtualQuery
LoadLibraryExA
lstrcatA
Sleep
CreateEventA
MoveFileA
GetExitCodeProcess
HeapFree
FreeResource
LCMapStringW
WideCharToMultiByte
SetHandleCount
GetSystemDefaultLangID
IsDBCSLeadByte
GetStringTypeExA
GetCurrentDirectoryA
TlsSetValue
lstrcmpiA
GetLastError
HeapReAlloc
_lread
IsBadReadPtr
SetEvent
TlsGetValue
GetFileAttributesA
_llseek
GetUserDefaultLCID
GetCommandLineA
GlobalSize
FreeEnvironmentStringsW
TerminateProcess
SystemTimeToFileTime
FindFirstFileA
FreeLibrary
RtlUnwind
GlobalAddAtomA
TlsFree
FreeEnvironmentStringsA
SetLocalTime
EnterCriticalSection
SetCurrentDirectoryA
GlobalReAlloc
HeapDestroy
CreateSemaphoreA
WinExec
CloseHandle
lstrcmpA
InterlockedDecrement
GetCurrentProcess
RemoveDirectoryA
GetACP
SetEndOfFile
SearchPathA
VirtualAlloc
GetFileTime
GetSystemInfo
GetOEMCP
FlushInstructionCache
GetProcAddress
CreateDirectoryA
GetDateFormatA
WaitForSingleObject
GlobalLock
SetStdHandle
GetSystemDirectoryA
DeleteFileA
ResetEvent
GetStringTypeA
MultiByteToWideChar

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e0a85b6c91746d1b5d0b2c7de4483c6

Headers

DLL Characteristics

File Characteristics

Imports

samlib

msi

ddraw

user32

kernel32

Sections

.text Size: 1KB - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 872KB

.reloc Size: 512B - Virtual size: 64B

.rdata Size: 35KB - Virtual size: 35KB

.rsrc Size: 358KB - Virtual size: 358KB

.text
Size: 1KB - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 872KB

.reloc
Size: 512B - Virtual size: 64B

.rdata
Size: 35KB - Virtual size: 35KB

.rsrc
Size: 358KB - Virtual size: 358KB