e24713e73200a81671ba7ab610b7bb6e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e24713e73200a81671ba7ab610b7bb6e_JaffaCakes118
Size

85KB
MD5

e24713e73200a81671ba7ab610b7bb6e
SHA1

7cbdab80ca84db11f8a309cbefe9ca0fe10d127e
SHA256

819283d0cc4bc91a07432103b2683fa30b6db1648035d34ae3321c0722f289e4
SHA512

780316936888550718051e5310fdb98693f6248ba7a34fcd58cf9b2a8ba4eebd24992ceeb2e0364a6d91b77e404b511b1afda023a9928ad9c43e6b97a016cd12
SSDEEP

1536:/ppsotwtPRP54HqV+/Y+Io+GJaUzlCiTg0e0e0k/vvtO:Byo21ty+5V0zlNnrkFO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e24713e73200a81671ba7ab610b7bb6e_JaffaCakes118

Files

e24713e73200a81671ba7ab610b7bb6e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

708c82ed22a72edaf2a2c7b0bbd21978

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetCommConfig
OpenFileMappingW
EnumSystemGeoID
UpdateResourceA
LoadLibraryA
SetProcessWorkingSetSize
lstrcpyn
GetDateFormatW
GetStartupInfoA
GetProcessAffinityMask
AddLocalAlternateComputerNameA
LZOpenFileW
GetCurrentDirectoryA
GetConsoleCursorMode
GlobalAlloc
DelayLoadFailureHook
RtlFillMemory
CallNamedPipeW
ProcessIdToSessionId
BuildCommDCBW
SetVolumeMountPointW
GetPrivateProfileStringA
GetCommMask
DuplicateHandle
OpenWaitableTimerW
VirtualAlloc
MapUserPhysicalPagesScatter
WriteConsoleW
SetCommState
SetComputerNameExW

msvcp60

??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??_0?$_Complex_base@N@std@@QAEAAV01@ABN@Z
?do_grouping@?$_Mpunct@G@std@@MBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?do_always_noconv@codecvt_base@std@@MBE_NXZ
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@H@2@V32@H@Z
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??1?$messages@D@std@@UAE@XZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
?min@?$numeric_limits@O@std@@SAOXZ

msdtcprx

DTC_XaStart
ShutDownCM
DTC_XaPrepare
DTC_XaComplete
DTC_XaForget
DllGetDTCProxy
DTC_XaOpen
?RemoveDtc@@YGJPAG00@Z
DTC_XaClose
?GetDtcLogPath@@YGHKPAG@Z
?InstallDtcClient@@YGJPAGKK@Z
DTC_XaCommit
DllUnregisterServer

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

708c82ed22a72edaf2a2c7b0bbd21978

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp60

msdtcprx

Sections

.text Size: 37KB - Virtual size: 37KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 30KB

.rsrc Size: 22KB - Virtual size: 21KB

.reloc Size: 512B - Virtual size: 248B

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 30KB

.rsrc
Size: 22KB - Virtual size: 21KB

.reloc
Size: 512B - Virtual size: 248B