f7045d551818cca5819f52629d3e665e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f7045d551818cca5819f52629d3e665e_JaffaCakes118
Size

862KB
MD5

f7045d551818cca5819f52629d3e665e
SHA1

0d5a9256838b8e2eab8278ca93aee5002ae2625e
SHA256

817b75d882a080555fa20897825293cd8e23b4e75c57d3771722cbb61d6bcf3e
SHA512

0e4c072a4a43116a4c1207177e01a9487470e18439de40d2d76f75f47233bccc08642f042c67904ebfee2b3ef1fa0f20ef3a1922a875f969641a732f664be8fc
SSDEEP

24576:TJkIZHjz4vbblCm1QMIMysF9hG3zabYxrh7CNyqVxv:9kgHjzQ0u9hG3zabYx92Qq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7045d551818cca5819f52629d3e665e_JaffaCakes118

Files

f7045d551818cca5819f52629d3e665e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

938fa2fb50298fb1cf7fcd6af04fb63d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcirt

?unlockbuf@ios@@QAAXXZ
?is_open@ofstream@@QBEHXZ
??4stdiostream@@QAEAAV0@AAV0@@Z
??6ostream@@QAEAAV0@J@Z
??0ofstream@@QAE@ABV0@@Z
?blen@streambuf@@IBEHXZ
?flush@@YAAAVostream@@AAV1@@Z
?sync@stdiobuf@@UAEHXZ
?rdbuf@stdiostream@@QBEPAVstdiobuf@@XZ
??1iostream@@UAE@XZ
?iword@ios@@QBEAAJH@Z
?text@filebuf@@2HB
?doallocate@strstreambuf@@MAEHXZ
?overflow@filebuf@@UAEHH@Z
??1ostrstream@@UAE@XZ
?str@istrstream@@QAEPADXZ
??4ios@@IAEAAV0@ABV0@@Z
??1ofstream@@UAE@XZ
?gcount@istream@@QBEHXZ
?sh_none@filebuf@@2HB
?openprot@filebuf@@2HB
??4strstreambuf@@QAEAAV0@ABV0@@Z
??_7ios@@6B@
??0stdiobuf@@QAE@PAU_iobuf@@@Z
?rdbuf@istrstream@@QBEPAVstrstreambuf@@XZ
??_7filebuf@@6B@
?setbuf@streambuf@@UAEPAV1@PADH@Z
?cout@@3Vostream_withassign@@A
?write@ostream@@QAEAAV1@PBCH@Z
??0ofstream@@QAE@H@Z
?is_open@ifstream@@QBEHXZ
?overflow@strstreambuf@@UAEHH@Z
?fd@filebuf@@QBEHXZ
__dummy_export
??5istream@@QAEAAV0@P6AAAVios@@AAV1@@Z@Z

kernel32

GlobalGetAtomNameA
GlobalFlags
CreateEventW
LocalAlloc
RtlZeroMemory
WideCharToMultiByte
GetConsoleInputWaitHandle
CommConfigDialogA
OpenJobObjectA
UpdateResourceA
GetLocaleInfoW
GetLocalTime
QueryMemoryResourceNotification
LoadLibraryA
GetTempPathW
LZOpenFileA
lstrcmpW
FindFirstChangeNotificationW
DefineDosDeviceW
SetCommTimeouts
GetDiskFreeSpaceExW
GetProfileSectionA
_lopen
VerifyVersionInfoA
UnmapViewOfFile
lstrcpyn
CreateHardLinkW
SetConsoleDisplayMode
ConvertDefaultLocale
SetConsolePalette
lstrcat
OutputDebugStringA
GetDevicePowerState
SetHandleCount
LockFile
TlsFree
VirtualAlloc
GetFileSize
CreateWaitableTimerW
GetGeoInfoW
SetComputerNameW
GetDateFormatA
SetVolumeLabelA
GetSystemDefaultLangID
GetCurrentDirectoryA
GetTickCount
InterlockedFlushSList
WritePrivateProfileStringW
CopyLZFile
AttachConsole
BindIoCompletionCallback
GetUserGeoID
GetCalendarInfoA
InitializeSListHead
DeleteAtom
SetLocalPrimaryComputerNameA
WriteConsoleOutputCharacterW
FindResourceExW
GetConsoleCursorMode
BaseDumpAppcompatCache
SetLastError
FindActCtxSectionStringA

rasapi32

RasEnumEntriesA
RasDialA
DDMGetPhonebookInfo
RasEditPhonebookEntryA
RasGetConnectionStatistics
RasCreatePhonebookEntryW
RasEnumAutodialAddressesW
DwRasUninitialize
RasGetAutodialAddressA
RasClearConnectionStatistics
RasGetCountryInfoW
RasGetSubEntryHandleA
RasGetEapUserIdentityW
RasGetEapUserDataA
RasCreatePhonebookEntryA
RasSetAutodialAddressW
RasScriptSend
RasGetConnectStatusA
DwCloneEntry
RasSetAutodialAddressA
RasEnumDevicesA
RasFreeEapUserIdentityW
RasAutodialEntryToNetwork
RasGetProjectionInfoA
RasGetAutodialEnableW
RasGetEapUserDataW
RasDialW
RasScriptTerm
RasDeleteSubEntryA
RasGetAutodialAddressW
RasGetSubEntryPropertiesW
RasSetAutodialParamW
RasGetProjectionInfoW
RasSetSubEntryPropertiesW
RasGetCustomAuthDataW
RasSetCustomAuthDataA
RasSetEntryDialParamsW

msdart

?IsValid@CLKRLinearHashTable@@QBE_NXZ
?_ExtractKey@CLKRLinearHashTable@@ABE?BKPBX@Z
?ConvertSharedToExclusive@CReaderWriterLock2@@QAEXXZ
?DeleteIf@CLKRLinearHashTable@@QAEKP6G?AW4LK_PREDICATE@@PBXPAX@Z1@Z
?ReadLock@CLKRLinearHashTable@@QBEXXZ
?ConvertSharedToExclusive@CLKRLinearHashTable@@QBEXXZ
??4CCritSec@@QAEAAV0@ABV0@@Z
?ReadLock@CReaderWriterLock@@QAEXXZ
?sm_llGlobalList@CLKRLinearHashTable@@0VCLockedDoubleList@@A
?ReadUnlock@CFakeLock@@QAEXXZ
?ConvertSharedToExclusive@CLKRHashTable@@QBEXXZ
?_TryWriteLock@CReaderWriterLock3@@AAE_NJ@Z
?TryWriteLock@CSmallSpinLock@@QAE_NXZ
??0CSingleList@@QAE@XZ
mpRealloc
?IsWriteUnlocked@CFakeLock@@QBE_NXZ
?Apply@CLKRHashTable@@QAEKP6G?AW4LK_ACTION@@PBXPAX@Z1W4LK_LOCKTYPE@@@Z
?WriteUnlock@CReaderWriterLock3@@QAEXXZ
?IsValid@CLKRHashTable@@QBE_NXZ
?_SubTable@CLKRHashTable@@ABEPAVCLKRLinearHashTable@@K@Z
??4CReaderWriterLock2@@QAEAAV0@ABV0@@Z
?ConvertExclusiveToShared@CSmallSpinLock@@QAEXXZ
SetMemHook
?ReadOrWriteLock@CFakeLock@@QAE_NXZ
?SetTableLockSpinCount@CLKRLinearHashTable@@QAEXG@Z
?IsWriteUnlocked@CSmallSpinLock@@QBE_NXZ
?TryReadLock@CSpinLock@@QAE_NXZ
?IsWinNT@CMdVersionInfo@@SAHXZ
??1CReaderWriterLock3@@QAE@XZ
?GetDefaultSpinCount@CReaderWriterLock3@@SGGXZ
?RemoveEntry@CDoubleList@@SGXQAVCListEntry@@@Z
?GetDefaultSpinCount@CCritSec@@SGGXZ
?ReadLock@CSpinLock@@QAEXXZ
?ValidSignature@CLKRLinearHashTable@@QBE_NXZ
?TryWriteLock@CCritSec@@QAE_NXZ
??0CReaderWriterLock2@@QAE@XZ

Sections

.text
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 359KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

938fa2fb50298fb1cf7fcd6af04fb63d

Headers

DLL Characteristics

File Characteristics

Imports

msvcirt

kernel32

rasapi32

msdart

Sections

.text Size: 358KB - Virtual size: 358KB

.rdata Size: 359KB - Virtual size: 359KB

.data Size: 141KB - Virtual size: 1.6MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 358KB - Virtual size: 358KB

.rdata
Size: 359KB - Virtual size: 359KB

.data
Size: 141KB - Virtual size: 1.6MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1KB - Virtual size: 1KB