0a7d2dcee50a1e9f4afce44262763d6a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a7d2dcee50a1e9f4afce44262763d6a_JaffaCakes118
Size

44KB
MD5

0a7d2dcee50a1e9f4afce44262763d6a
SHA1

f5c93b7f3e72bcb44bd3c60d03ba2f4c44c9a262
SHA256

a11af7d1ec74face6c2ae410badd3ba89fa6b656ecc9cae6a78b62c7dd955899
SHA512

cfc415f0e3c302a5a75a23960677b9f8a774d4e22269101ee8c2f103714b9ead921de024bfcc667421d47bccec9496f6f124e7203d6e6926874ffc9558b8eddd
SSDEEP

768:96YP4EqKpkhxVALuptqmVo8XMVrmT94kJmTI3zJ6VIn4XsMOup8McZRfsE:9iCkluupsOLXp943TI3V6vspuSZNs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a7d2dcee50a1e9f4afce44262763d6a_JaffaCakes118

Files

0a7d2dcee50a1e9f4afce44262763d6a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ceda6107677d120c3f06e6ea08e0388c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetLogicalDriveStringsW
CreateToolhelp32Snapshot
QueryPerformanceCounter
QueryInformationJobObject
RestoreLastError
GetPrivateProfileIntA
GetLocaleInfoW
GetSystemDefaultUILanguage
CreateProcessInternalA
GetCurrentThread
GetModuleHandleW
LoadLibraryW
FindAtomW
SetComputerNameExA
ReadFileEx
SetConsoleKeyShortcuts

winscard

SCardGetStatusChangeW
SCardConnectA
SCardFreeMemory
SCardForgetReaderW
SCardRemoveReaderFromGroupW
SCardReleaseNewReaderEvent
SCardRemoveReaderFromGroupA
SCardGetCardTypeProviderNameW
SCardForgetCardTypeW
SCardListReaderGroupsA
SCardSetAttrib
SCardIntroduceReaderW
SCardGetStatusChangeA

crtdll

mblen
strcat
_cprintf
malloc
towlower
_mbsspnp
_except_handler2
_mbsnccnt
_mbsrev
_fputwchar
_mbsnbcnt
realloc
wcsrchr
swscanf
_osmode_dll
atoi
_copysign
_finite
_getdrive
remove
_fpreset
_mkdir
_mbscat
_mbctohira
strtoul
perror
_wcsicoll
_expand
fgetpos
_cabs
_getsystime
_execlpe
_commode_dll
_ismbcprint
wcscat
_commit
_mbsset
vsprintf
_sleep
atof
_heapmin
_chdir
_abnormal_termination
isalnum
_wcsnset
iswpunct
_mbsnset

cfgmgr32

CM_Get_DevNode_Registry_PropertyA
CM_Free_Resource_Conflict_Handle
CM_Free_Res_Des
CM_Set_Class_Registry_PropertyW
CM_Set_DevNode_Problem
CM_Modify_Res_Des
CM_Get_Class_Name_ExA
CM_Query_And_Remove_SubTreeW
CM_Add_Empty_Log_Conf
CM_Get_Device_ID_List_Size_ExA
CM_Get_Depth_Ex
CM_Query_Arbitrator_Free_Data_Ex
CM_Invert_Range_List
CM_Disable_DevNode_Ex
CM_Get_Sibling
CM_Set_DevNode_Problem_Ex
CMP_UnregisterNotification
CM_Get_Device_IDW
CM_Run_Detection
CM_Add_ID_ExA
CM_Get_Device_ID_Size_Ex
CM_Get_Next_Res_Des
CM_Enable_DevNode
CM_Get_Device_Interface_List_SizeA
CM_Add_Res_Des_Ex
CM_Add_IDA
CM_Delete_Range
CM_Test_Range_Available
CM_Intersect_Range_List
CM_Get_First_Log_Conf_Ex

sqlwoa

_SetWindowLong@12
_GetDlgItemText@16
_StartDoc@8
_CreateFile@28
_CommDlg_OpenSave_GetSpec@12
ConvertMultiSZNameToW
_LoadLibrary@4
_FormatMessage@28
_GetObject@12
_SetDlgItemText@12
_DefWindowProc@16
_GetDiskFreeSpaceEx@16
_DeleteFile@4
_MoveFile@8
_IsDialogMessage@8
newWideCharFromMultiByte
_SetWindowText@8

rasapi32

DwCloneEntry
UnInitializeRAS
RasGetCountryInfoW
RasDeleteSubEntryW
RasSetCustomAuthDataW
RasSetSubEntryPropertiesW
RasHangUpW
RasCreatePhonebookEntryW
RasEditPhonebookEntryW
RasEnumEntriesA
RasConnectionNotificationA
RasGetLinkStatistics
RasDialW
RasEditPhonebookEntryA
RasGetAutodialParamA
RasSetEapUserDataW
RasScriptSend
RasGetEntryPropertiesA
RasRenameEntryW
RasQuerySharedConnection
RasSetAutodialAddressW
RasValidateEntryNameW
RasGetCredentialsW
RasSetEapUserDataA
RasSetEntryDialParamsW
RasDeleteEntryW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ceda6107677d120c3f06e6ea08e0388c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winscard

crtdll

cfgmgr32

sqlwoa

rasapi32

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 10KB - Virtual size: 9KB