fb4ec6ad03d1222f274e6a0a9525ca7f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb4ec6ad03d1222f274e6a0a9525ca7f_JaffaCakes118
Size

124KB
MD5

fb4ec6ad03d1222f274e6a0a9525ca7f
SHA1

33c83b47f7a7bebf4511e66e9e637db27e89f90f
SHA256

db0ca8281cc030b13d01759723bd18054da1b5eb9952599a3a0b05dbedb24e07
SHA512

35ca0b369ac4591485ffd3419c596acee71f056714e8db61bae5bbf6ef7d15a8f13b3bb023d213fd84a94f7c30eeb4b2dc030bdf0bf00a7f22aac83ca3ac96e1
SSDEEP

3072:s7yQQY9VL8XiiV7xSfBkXfE1SM4031Ktfio:uQY/LcSpkXp8Kt6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb4ec6ad03d1222f274e6a0a9525ca7f_JaffaCakes118

Files

fb4ec6ad03d1222f274e6a0a9525ca7f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b7d25b0cce45735ea2d8f4825275c615

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciGetErrorStringA
WOW32DriverCallback
joyGetDevCapsW
auxOutMessage
midiOutReset
midiStreamProperty
mixerMessage
mmioAdvance
midiStreamOpen
midiInGetDevCapsW
mmioWrite
midiInAddBuffer
mmioRenameA
mciGetDeviceIDW
mmioFlush
PlaySoundW
waveInGetErrorTextA
waveInGetErrorTextW
midiStreamOut
timeGetSystemTime
tid32Message

kernel32

GetComputerNameExA
RemoveDirectoryA
SetThreadExecutionState
UpdateResourceA
AddAtomA
GetModuleHandleA
ReadConsoleInputExW
GetConsoleDisplayMode
GetCurrentConsoleFont
UnregisterWait
GetCPInfoExA
WriteProfileSectionA
GetFileAttributesW
FindResourceW
LoadLibraryA
FlushConsoleInputBuffer
GetCommandLineA
LocalLock
EnumResourceLanguagesW
FreeLibrary
GetModuleFileNameA
GetNumberFormatW
CopyLZFile
GetTapeParameters
WriteConsoleOutputA
SearchPathW
GetStringTypeA
VirtualAlloc

ole32

OleCreateLinkFromDataEx
CoQueryReleaseObject
OleSetMenuDescriptor
CoUnloadingWOW
CoRegisterClassObject
HkOleRegisterObject
CoRegisterChannelHook
OleIsCurrentClipboard
StgOpenAsyncDocfileOnIFillLockBytes
HENHMETAFILE_UserFree
HENHMETAFILE_UserMarshal
GetHGlobalFromILockBytes
HPALETTE_UserSize
CoIsHandlerConnected
FreePropVariantArray
HMENU_UserFree
IsAccelerator
OleLoadFromStream
CoGetInstanceFromIStorage

wldap32

ldap_parse_page_controlW
ldap_get_values_lenA
ldap_modrdn_s
ldap_set_dbg_routine
ldap_simple_bind
ldap_bindW
ldap_sasl_bind_sA
ldap_rename_ext_s
ldap_create_page_controlW
ldap_simple_bindW
ldap_value_free
ldap_rename_extW
cldap_openA
ldap_delete_ext_sW
ldap_modrdn_sA
ldap_compareW
ldap_conn_from_msg
ldap_control_freeW
ldap_free_controls
ldap_modify_sW
ldap_compareA
ldap_delete_extW
ldap_err2stringA

netapi32

DsRoleFreeMemory
I_NetServerAuthenticate
NetpGetFileSecurity
NetReplImportDirLock
I_BrowserDebugTrace
NetpCleanFtinfoContext
NetLocalGroupAdd
RxNetAccessDel
NetpAssertFailed
NetServerComputerNameDel
I_NetGetDCList
I_NetlogonComputeClientDigest
NetDfsMove
NetDfsEnum
I_NetAccountDeltas
NetWkstaUserGetInfo
NetLocalGroupSetMembers
NetWkstaTransportEnum
NetScheduleJobAdd
NetDfsRemove
NetApiBufferSize
NetGroupGetUsers
NetpGetConfigTStrArray

usp10

ScriptItemize
ScriptTextOut
ScriptString_pSize
ScriptGetProperties
ScriptFreeCache
ScriptStringXtoCP
ScriptGetLogicalWidths
ScriptApplyDigitSubstitution
ScriptStringGetOrder
ScriptIsComplex
ScriptShape
ScriptString_pLogAttr
ScriptPlace
LpkPresent
ScriptCacheGetHeight

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7d25b0cce45735ea2d8f4825275c615

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

ole32

wldap32

netapi32

usp10

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 57KB - Virtual size: 197KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 200B

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 57KB - Virtual size: 197KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 200B