e1dccf273e5b7c51593fdf702d9eb088_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e1dccf273e5b7c51593fdf702d9eb088_JaffaCakes118
Size

254KB
MD5

e1dccf273e5b7c51593fdf702d9eb088
SHA1

42ddb9e10132ea81f86ff9c6052dffe58f0df84f
SHA256

f80029547415157d3c92db776a4fc9289c4fe739ab244a26c5099179270d7944
SHA512

876e32b63277bbb44e07936a26fd0e7eb82b8d540e146039a4e8a3c3880d3dda39b4440ab606904c994167152efd07f0e2dadcf1cf7246c88beb4b54b0b360e1
SSDEEP

6144:rOrPOW0jhUSpgJZrxe3nZNNAPA/jTg2t4Vqaxo:CKWIhX+rxEndt4O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1dccf273e5b7c51593fdf702d9eb088_JaffaCakes118

Files

e1dccf273e5b7c51593fdf702d9eb088_JaffaCakes118
.exe windows:4 windows x86 arch:x86

371ae8194ad2e56245156a0147916408

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetCurrentThreadId
WaitForSingleObject
lstrcpynA
GetComputerNameA
lstrlenA
GetModuleHandleA
CreateMutexW
OpenMutexW
CreateMutexA
OpenMutexA
OpenEventA
CreateEventA
ExpandEnvironmentStringsW
SetErrorMode
lstrcpyA
GetProcessHeap
lstrcatA
ExpandEnvironmentStringsA
LocalFree
WaitForMultipleObjects
GetFullPathNameA
GetTempFileNameW
CreateDirectoryW
GetTempPathW
lstrlenW
GetLocalTime
CreateSemaphoreA
LocalAlloc
RaiseException
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
GetProcAddress

samlib

SamOpenAlias
SamCloseHandle
SamiChangePasswordUser
SamSetSecurityObject
SamDeleteAlias
SamRemoveMemberFromAlias
SamDeleteUser
SamAddMemberToAlias

dskquoui

DllGetClassObject

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Ky
Size: 512B - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.a
Size: 4KB - Virtual size: 822KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jsm
Size: 4KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aNY
Size: 91KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i
Size: 121KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

371ae8194ad2e56245156a0147916408

Headers

File Characteristics

Imports

kernel32

samlib

dskquoui

Sections

.text Size: 18KB - Virtual size: 18KB

.Ky Size: 512B - Virtual size: 52KB

.a Size: 4KB - Virtual size: 822KB

.rdata Size: 1KB - Virtual size: 39KB

.jsm Size: 4KB - Virtual size: 540KB

.aNY Size: 91KB - Virtual size: 164KB

.data Size: 7KB - Virtual size: 233KB

.i Size: 121KB - Virtual size: 131KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 18KB - Virtual size: 18KB

.Ky
Size: 512B - Virtual size: 52KB

.a
Size: 4KB - Virtual size: 822KB

.rdata
Size: 1KB - Virtual size: 39KB

.jsm
Size: 4KB - Virtual size: 540KB

.aNY
Size: 91KB - Virtual size: 164KB

.data
Size: 7KB - Virtual size: 233KB

.i
Size: 121KB - Virtual size: 131KB

.rsrc
Size: 4KB - Virtual size: 3KB