e04b98fc3b8c5eecc184dc99e0b826e1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e04b98fc3b8c5eecc184dc99e0b826e1_JaffaCakes118
Size

3.1MB
MD5

e04b98fc3b8c5eecc184dc99e0b826e1
SHA1

623508935a0053900e06e04d16fea6d27d8ea870
SHA256

477d47bf3077400e931e01e4dd01c4b8d59055e2e3904a4b375b3ebd3ec8ccc8
SHA512

f27a40d1adff8be180305a80bdbf59ccb99ab08a967119a3e1d578f5a016a4bca61d98b276a64d6adbec38cd5db3af45b86f5a006ac569893c20d6b40992e430
SSDEEP

98304:uflYnFGo2exXgiKWBjGTrFuqvU4E8iYB:il2F1XgJFuGTc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e04b98fc3b8c5eecc184dc99e0b826e1_JaffaCakes118

Files

e04b98fc3b8c5eecc184dc99e0b826e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

35ea50194d7d3b1a4b300700a477a6fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_mbsrchr
_wasctime
_ismbcupper
getc
isalpha
wcstol
_ltoa
_pclose
__p__osver

wsnmp32

ord500
ord302
ord501
ord600
ord906

dhcpsapi

DhcpGetAllOptions
DhcpGetOptionInfoV5
DhcpEnumMScopes
DhcpGetOptionValue
DhcpAddServer
DhcpEnumSubnetClients
DhcpServerQueryAttribute
DhcpDeleteSuperScopeV4
DhcpRemoveOptionValue
DhcpScanMDatabase
DhcpGetOptionValueV5
DhcpGetMScopeInfo
DhcpAddSubnetElement
DhcpEnumOptionValues
DhcpServerQueryDnsRegCredentials
DhcpEnumSubnets
DhcpSetOptionValueV5
DhcpEnumOptionValuesV5
DhcpSetOptionValue
DhcpGetClientInfoV4

kernel32

GetModuleHandleA
FlushFileBuffers
VirtualAlloc
ExitProcess
GetConsoleCursorInfo
Module32Next
WriteConsoleOutputCharacterA
HeapCompact
UnmapViewOfFile
FindNextFileA
GetStringTypeW
TransactNamedPipe
CreateMutexA
GetCurrentThread
FileTimeToSystemTime
MapViewOfFileEx
SetFileAttributesW
QueryPerformanceCounter
GetTempPathA
OutputDebugStringW
OpenFileMappingW
FindFirstFileW

msacm32

acmStreamPrepareHeader
acmDriverDetailsW
acmStreamOpen
acmStreamConvert
acmFormatTagDetailsW
acmMetrics
acmFormatChooseW
acmFormatSuggest
acmDriverID

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textbs
Size: 512B - Virtual size: 651KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 1.5MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 1.5MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35ea50194d7d3b1a4b300700a477a6fa

Headers

File Characteristics

Imports

msvcrt

wsnmp32

dhcpsapi

kernel32

msacm32

Sections

.text Size: 6KB - Virtual size: 5KB

.textbs Size: 512B - Virtual size: 651KB

.orpc Size: 1.5MB - Virtual size: 2.4MB

.CRT Size: 1.5MB - Virtual size: 2.9MB

.tls Size: - Virtual size: 7KB

.edata Size: 512B - Virtual size: 24B

.rsrc Size: 45KB - Virtual size: 44KB

.text
Size: 6KB - Virtual size: 5KB

.textbs
Size: 512B - Virtual size: 651KB

.orpc
Size: 1.5MB - Virtual size: 2.4MB

.CRT
Size: 1.5MB - Virtual size: 2.9MB

.tls
Size: - Virtual size: 7KB

.edata
Size: 512B - Virtual size: 24B

.rsrc
Size: 45KB - Virtual size: 44KB