f7251ee466baf6907db04625e0feb62d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f7251ee466baf6907db04625e0feb62d_JaffaCakes118
Size

66KB
MD5

f7251ee466baf6907db04625e0feb62d
SHA1

dfe38d99e3bd1c5b94906905bae707fe0bc6a14f
SHA256

1e78dfe495a00e894910f13b521d140f05ea9fd4ebd39f68bf3617a81e10037b
SHA512

dec189ce0d70b423c5d91cfd13374d07572ef71093e3aa80439921e19b6415e4b87e2c1f7060dd0b7f6bc32f21eeb0c14638e78394fc6bd4e22ea27e5df83a6d
SSDEEP

1536:+Ga0iA184WdbCYqaBkHmEquOFoYm5Icfd2T1b6n7MFw9eD8xXmy+936uObGUs:+LZAobCba7LuYiI4ybI7MFwzxXJ+936e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7251ee466baf6907db04625e0feb62d_JaffaCakes118

Files

f7251ee466baf6907db04625e0feb62d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

73ed8b504f5933b969e08b986631f8ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUserGeoID
GetDiskFreeSpaceA
FindFirstFileExA
GetSystemWindowsDirectoryA
Process32First
TransmitCommChar
SetConsoleMenuClose
GetUserDefaultLCID
ExpungeConsoleCommandHistoryA
GetProfileIntA
SetVolumeMountPointA
GetComputerNameA
EnumSystemCodePagesA
GetThreadIOPendingFlag
GetCommandLineA
GetConsoleOutputCP
MultiByteToWideChar
EnumSystemLocalesA
CreateFileMappingA
FindAtomA
WriteProcessMemory
SetFileAttributesA
WaitNamedPipeA
CreateMutexA
GetEnvironmentVariableA
SetFileApisToANSI
VirtualAlloc
RegisterWaitForSingleObject
OpenWaitableTimerA
GetFileAttributesExA
SetCommMask
GetProcessHeap
IsSystemResumeAutomatic
FindNextFileA
GetCommModemStatus
GetVolumePathNameA
BuildCommDCBAndTimeoutsA
SetWaitableTimer
QueryPerformanceFrequency
SetFileShortNameA
SetProcessPriorityBoost
GetCurrentThreadId
FreeConsole
LocalReAlloc
FindNextVolumeMountPointA
GetConsoleInputExeNameA
GetDefaultCommConfigA
OpenJobObjectA
GetModuleHandleA
ResetWriteWatch
SetConsoleDisplayMode
ResumeThread
VerifyVersionInfoA
GetVersionExA
GetConsoleCP
GetLogicalDriveStringsA
OpenProcess
HeapCompact
OpenEventA
GetSystemTimes
GetFileSize
MulDiv
SetConsoleCursor
GetExitCodeProcess
SetThreadIdealProcessor
GetCurrencyFormatA
CancelWaitableTimer
GetNumberFormatA
OpenSemaphoreA
LZDone
OpenThread
GetCurrentProcessId
GetFullPathNameA
GetStringTypeExA
SetInformationJobObject
GetConsoleTitleA
lstrlenA
DisableThreadLibraryCalls
FillConsoleOutputCharacterA
GetSystemDefaultLCID
GetModuleFileNameA
SetCommConfig
ChangeTimerQueueTimer
CreateDirectoryExA
GetFileTime
VirtualQueryEx
IsProcessorFeaturePresent
GetVolumeNameForVolumeMountPointA
GetWindowsDirectoryA
DeleteTimerQueue
GetCurrentConsoleFont
GetFileAttributesA
SetEnvironmentVariableA
GetSystemTime
RemoveDirectoryA
GetFileAttributesExA
GetNamedPipeInfo
FindFirstVolumeMountPointW
UpdateResourceA
UnlockFileEx
DisconnectNamedPipe
SetProcessShutdownParameters
CallNamedPipeA
GetSystemTimes
GetCurrentThreadId

d3d8

ValidatePixelShader
ValidateVertexShader

dhcpsapi

DhcpDeleteServer

Exports

Exports

Lpttelybag
SetRpfwblue

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

73ed8b504f5933b969e08b986631f8ff

Headers

File Characteristics

Imports

kernel32

d3d8

dhcpsapi

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 36KB - Virtual size: 142KB

.idata Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 112B

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 36KB - Virtual size: 142KB

.idata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 112B

.rsrc
Size: 2KB - Virtual size: 2KB