0801bdfe02c1a8db005e01bea382cf99_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0801bdfe02c1a8db005e01bea382cf99_JaffaCakes118
Size

315KB
MD5

0801bdfe02c1a8db005e01bea382cf99
SHA1

f982bf8e4a3c53a16d6306cab816ae4de410819b
SHA256

750548f2c4cc5d5915fd8d5b0767cc3ec1c0e1e3806a2463c8ebcc813e5587a3
SHA512

aeb9e76087c8ae8fbac5d9dbbd85a0d0725be5ded70c3f73e5135893aa507b4984d4c9d4decb9f2d9ff363c4ce81331a501edecefa518fe129de665c53562d56
SSDEEP

6144:+CvpVFa7yxQeiNKIEZRiTlSTj9XEyTc6gPIxgA:+Cv3QuxyNjqRiTlSTj9UyTc6FqA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0801bdfe02c1a8db005e01bea382cf99_JaffaCakes118

Files

0801bdfe02c1a8db005e01bea382cf99_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5c66478233cec79a34a670d875741c89

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

pdh

PdhParseInstanceNameA
PdhParseCounterPathW
PdhExpandCounterPathA
PdhCloseQuery
PdhTranslate009CounterW
PdhSetCounterScaleFactor
PdhGetLogFileSize
PdhIsRealTimeQuery
PdhEnumObjectItemsHA
PdhTranslateLocaleCounterW
PdhRelogW
PdhOpenLogA
PdhGetDllVersion
PdhOpenQueryW
PdhListLogFileHeaderA
PdhGetDefaultPerfObjectHW
PdhExpandCounterPathW
PdhCalculateCounterFromRawValue
PdhAddCounterW
PdhVbCreateCounterPathList
PdhGetRawCounterArrayA
PdhBindInputDataSourceA
PdhBrowseCountersHA
PdhGetRawCounterArrayW
PdhSelectDataSourceA
PdhTranslateLocaleCounterA
PdhParseCounterPathA
PdhConnectMachineA
PdhCreateSQLTablesW
PdhGetCounterInfoA
PdhCreateSQLTablesA
PdhGetDefaultPerfCounterHA
PdhAdd009CounterW

kernel32

SetFileShortNameW
GetCurrentDirectoryW
VirtualFree
GetFileSize
LockFile
LoadLibraryA
GetModuleFileNameW
GetVersionExW
SystemTimeToTzSpecificLocalTime
GetCurrentProcessId
Sleep
CreateProcessW
GetTimeZoneInformation
SetPriorityClass
GetSystemTime
GetPriorityClass
GetTickCount
VirtualAlloc
FindVolumeMountPointClose
GetCurrentProcess
SetFilePointer
SetCurrentDirectoryW
CreateHardLinkW
LocalFree
LoadResource
FindClose
LocalAlloc
CloseHandle
WideCharToMultiByte
TerminateProcess
EraseTape
FindNextFileW
GetVersionExW
GetEnvironmentVariableW
LocalFileTimeToFileTime
GetTapeParameters
CloseHandle
QueryPerformanceCounter

crtdll

isalpha
_snwprintf
_strerror
wcsncpy
_y0
tmpfile
__threadhandle
_ultoa
_purecall
rename
_pwctype_dll
_chmod
_commit
_sys_errlist
_mbctohira
_itoa
swprintf
atof
_mbcjistojms
_abnormal_termination
_mbscspn
exit
_mbsnset
_CIsin
_baseminor_dll
system
_dup
_setmode
_cabs
_getdiskfree
toupper
strncat
_getch
srand
setvbuf
_mbscpy
_isnan
__threadid
gets
_osminor_dll
_flushall
_ismbchira
realloc
atan
_ismbcdigit
_popen
iswlower
_jn
_mbslwr
_CIsqrt
_mbsninc
_strnset
_searchenv
vprintf
_CItanh
_isctype
_clearfp
_mbsspnp
_mbsnicmp
_assert
strlen
frexp
_cputs
_local_unwind2
_findclose
_wcsset
_lfind
_mbsicmp
ldiv
__argv_dll
iswalnum
_unlink
vfwprintf
_sopen
wcspbrk
_wtoi
ftell
_strdup
_mbsncat
_mbctype
_snprintf
_getdllprocaddr
_strset
_wcsicmp
iswupper
_fdopen
_lsearch
strtod
_wcsicoll
_pclose
strtol
_filbuf
tanh
longjmp
_msize
_vsnprintf
_logb
fwrite
strpbrk
log10
_mbscat
_getdrives
_ismbbgraph
_mktemp
isspace
_mbctolower
_except_handler2
_fputchar
fgetc
iswspace
_getw
isgraph
strncmp
strcspn
_CIlog
putc
strcmp
_ismbbtrail
_osversion_dll
tmpnam
_statusfp
clock
_locking
_rotl
_control87
wcstombs
strxfrm
_eof
fputs
log

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 672KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c66478233cec79a34a670d875741c89

Headers

DLL Characteristics

File Characteristics

Imports

pdh

kernel32

crtdll

Sections

.text Size: 87KB - Virtual size: 87KB

.data Size: 22KB - Virtual size: 22KB

.rsrc Size: 204KB - Virtual size: 672KB

.text
Size: 87KB - Virtual size: 87KB

.data
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 204KB - Virtual size: 672KB