ef04ace17c72c2b6e4fc9f20f8f1248f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ef04ace17c72c2b6e4fc9f20f8f1248f_JaffaCakes118
Size

495KB
MD5

ef04ace17c72c2b6e4fc9f20f8f1248f
SHA1

a61c086507cb865ae9e5a098253b28714049c3f1
SHA256

921b0b70b0af6002f70675a92428ce4b8c71e6a9710c1ca71ad9b846f102b3c4
SHA512

4def2e73f97d87533abd8b92cd131bb94fb7465fc4e45878bda5c417511c28493d9bfe32ddf4fbbafe3e2ccf0401383606d86ac59e89d971817dde63f351fe8f
SSDEEP

12288:H/ZBysI71+MMnMMMMM8bNeoe2tpBedr5s0DrsJ9qF:HxwsI71+MMnMMMMM8bNeoFo5iJw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef04ace17c72c2b6e4fc9f20f8f1248f_JaffaCakes118

Files

ef04ace17c72c2b6e4fc9f20f8f1248f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b5d1d96fcb09773cad061ee272f6f07c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

samlib

SamRemoveMultipleMembersFromAlias
SamTestPrivateFunctionsUser
SamConnectWithCreds
SamiEncryptPasswords

mswsock

sethostname

ddraw

DirectDrawEnumerateA

kernel32

FindFirstFileA
GetCurrentProcessId
SetEndOfFile
GetStartupInfoA
GetStringTypeW
LoadLibraryExA
HeapAlloc
GetEnvironmentStringsW
GlobalUnlock
GetWindowsDirectoryA
HeapDestroy
SystemTimeToFileTime
lstrcmpiW
HeapSize
GetEnvironmentStrings
LeaveCriticalSection
CreateFileA
GetTickCount
GlobalFree
GetStringTypeA
CompareStringA
ExitProcess
SetErrorMode
GetLastError
TlsAlloc
GetTempPathA
GetTempFileNameA
UnlockFile
GlobalDeleteAtom
RemoveDirectoryA
FindClose
GetCurrentThreadId
GetProcAddress
lstrcpyA
CreateProcessW
VirtualFree
MultiByteToWideChar
ResumeThread
DeleteFileA
HeapReAlloc
FlushInstructionCache
FreeEnvironmentStringsW
ResetEvent
lstrlenA
SizeofResource
GlobalAlloc
InterlockedIncrement
SetFilePointer
LCMapStringW
CreateThread
GetCurrentDirectoryA
CreateDirectoryA
lstrcmpA
GetModuleFileNameA
FileTimeToSystemTime
LoadLibraryA
GetCurrentProcess
GetLocalTime
VirtualAlloc
SetEnvironmentVariableA
MulDiv
SetCurrentDirectoryA
_lclose
InitializeCriticalSection
GlobalHandle
FormatMessageW
GetSystemInfo
CreateSemaphoreA
FormatMessageA
lstrcatA
SetLastError
IsDBCSLeadByte
FindResourceA
GetDriveTypeA
lstrcmpiA
WriteFile
ReadFile
CloseHandle
GetTimeZoneInformation
GetACP
LockResource
CreateProcessA
GetVersion
GetSystemDefaultLangID
ReleaseSemaphore
FindNextFileA
SetFileAttributesA
DeleteCriticalSection
GetDateFormatA
CompareStringW
GetCommandLineA
FileTimeToLocalFileTime
lstrcpynA
VirtualQuery
CreateEventA
GetUserDefaultLangID
GetFileTime
GetStringTypeExA
DuplicateHandle
GetLocaleInfoA
SetLocalTime
WideCharToMultiByte
GetSystemDirectoryA
VirtualProtect
HeapCreate
CreateMailslotA
GetStdHandle

user32

CallMsgFilterW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 153KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5d1d96fcb09773cad061ee272f6f07c

Headers

DLL Characteristics

File Characteristics

Imports

samlib

mswsock

ddraw

kernel32

user32

Sections

.text Size: 1KB - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.data Size: 153KB - Virtual size: 1024KB

.reloc Size: 512B - Virtual size: 64B

.rsrc Size: 130KB - Virtual size: 130KB

.rdata Size: 204KB - Virtual size: 204KB

.text
Size: 1KB - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.data
Size: 153KB - Virtual size: 1024KB

.reloc
Size: 512B - Virtual size: 64B

.rsrc
Size: 130KB - Virtual size: 130KB

.rdata
Size: 204KB - Virtual size: 204KB