Static task: static1
Behavioral task: behavioral1
  Sample: 0956de278514e9d9556db894fa89a020_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 0956de278514e9d9556db894fa89a020_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 0956de278514e9d9556db894fa89a020_JaffaCakes118
Size: 134KB
MD5: 0956de278514e9d9556db894fa89a020
SHA1: e28a5ed5591c94c18e42dc7b4b9f2eb6621ce9a5
SHA256: 0f60e0a027520252ab64b066207019f7c6d312c3fd3b0682f4f0fdf73a990ebc
SHA512: e7aa297e1fe3d88453117de72e9dd397547af742803f4497efc333f68dac4261cebcdc0119f1e9e8f1c1f47eac5797de07bacd495e13f34b2311fb7023a49998
SSDEEP: 3072:RoAwOyLRIkjtGmIQV5T/CF0SXe8/tGw2CC1Wm8pGcYGRGV:1wRFIkBGIVR/CFzknCvgcYkm
Malware Config
Signatures
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 0956de278514e9d9556db894fa89a020_JaffaCakes118
Files
0956de278514e9d9556db894fa89a020_JaffaCakes118.exe windows:5 windows x86 arch:x86
9c06d31c25a58d9607a727866befdcd2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
clbcatq
CheckMemoryGates
SetupSave
OpenComponentLibraryOnMemEx
GetCatalogObject
CLSIDFromStringByBitness
CoRegCleanup
ComPlusMigrate
SetSetupSave
DeleteAllActivatorsForClsid
UpdateFromComponentChange
CreateComponentLibraryEx
DowngradeAPL
DllRegisterServer
DllGetClassObject
ServerGetApplicationType
DllUnregisterServer
UpdateFromAppChange
SetSetupOpen
InprocServer32FromString
GetComputerObject
ActivatorUpdateForIsRouterChanges
DllCanUnloadNow
GetCatalogObject2
GetSimpleTableDispenser
SetupOpen
OpenComponentLibraryOnStreamEx
OpenComponentLibraryEx
winmm
midiInStop
waveInGetPosition
joySetCapture
mciSendStringW
waveOutBreakLoop
mmioSendMessage
WOWAppExit
SendDriverMessage
mmioStringToFOURCCW
DrvGetModuleHandle
sndPlaySoundW
midiOutUnprepareHeader
mciLoadCommandResource
midiInClose
mciGetYieldProc
mixerGetID
auxOutMessage
waveOutGetDevCapsW
mmioOpenW
mmioRead
joyGetPosEx
mciExecute
CloseDriver
waveOutGetPosition
joyGetDevCapsA
wldap32
ldap_parse_result
ldap_get_values
ldap_create_sort_controlW
ldap_get_values_lenA
ber_bvfree
ldap_delete_sA
ber_first_element
ldap_search_init_page
ldap_modify_sW
ldap_count_references
ldap_searchW
ldap_first_attributeW
ldap_search_stW
ldap_modrdn2A
ldap_extended_operation_sW
LdapUnicodeToUTF8
ldap_set_dbg_flags
ldap_count_valuesA
ldap_rename_ext_sA
ldap_err2stringA
ldap_modrdn
ldap_get_next_page_s
ldap_count_values
ldap_modifyA
mapistub
FPropExists@8
HrSetOmiProvidersFlagsInvalid
UlPropSize@4
OpenTnefStream
MAPIOpenLocalFormContainer
BMAPIResolveName
MAPIUninitialize@0
DeinitMapiUtil@0
ScCountNotifications@12
BMAPIGetReadMail
FixMAPI@0
ScCopyProps@16
MAPILogonEx@20
UNKOBJ_ScCOAllocate@12
OpenIMsgOnIStg@44
CchOfEncoding@4
mscat32
MsCatFreeHashTag
CryptCATGetMemberInfo
CryptCATOpen
CryptCATCDFEnumCatAttributes
CryptCATAdminAddCatalog
CryptCATCDFEnumMembersByCDFTag
MsCatConstructHashTag
CryptCATAdminEnumCatalogFromHash
CryptCATCDFEnumAttributes
CryptCATCDFEnumMembersByCDFTagEx
CryptCATClose
CryptCATEnumerateCatAttr
DllUnregisterServer
DllRegisterServer
kernel32
BackupRead
GetPrivateProfileSectionA
LZStart
lstrcmpi
CreateMutexA
LoadLibraryW
ReadProcessMemory
GetLastError
CreateFileMappingA
FlushFileBuffers
GetConsoleAliasesLengthW
FreeEnvironmentStringsA
SetCriticalSectionSpinCount
CreateDirectoryA
GlobalFindAtomW
GetCurrentThread
SetConsoleTitleW
GetLocaleInfoW
GlobalFlags
RegisterWaitForInputIdle
GetModuleHandleW
Sections
.text Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 51KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ