10ef396197fa5514e58d461503ea12bd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

10ef396197fa5514e58d461503ea12bd_JaffaCakes118
Size

51KB
MD5

10ef396197fa5514e58d461503ea12bd
SHA1

367f9c69c35d8683fd79fd70a95670e6bbe8a983
SHA256

05e2f1f7c1c19f9864bcfd072c079e92c7481d27b8cc9adafe9d18d62ced37ca
SHA512

61c225047d530ca57c8df7880c71f98be66f84ab5a30dca8c43cc40022c8bf0af0fc0ce98b4813adf4a97defd633fe799df66597e8cfb850a1c5bfc2ee4cddd0
SSDEEP

768:78/J2IfJTdzEH+yu8smQJ5eDtZNR7Op+8T90jBosMwAneSU5kaqaee:78xDxRzi+ysmQJRw9QgWaee

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10ef396197fa5514e58d461503ea12bd_JaffaCakes118

Files

10ef396197fa5514e58d461503ea12bd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2036426985aabb157c4da73aa603964f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SearchPathW
BaseFlushAppcompatCache
GetPrivateProfileIntA
ConvertFiberToThread
LocalCompact
GetCalendarInfoA
InitializeCriticalSection
GetThreadLocale
VirtualAlloc
DebugActiveProcessStop
EnumResourceNamesA
SetHandleCount
EnumUILanguagesA
DefineDosDeviceA
GetLongPathNameA
CreateSocketHandle
CopyFileExW
InitAtomTable
SetConsoleTextAttribute
SearchPathA
GlobalFindAtomW
HeapLock
VDMConsoleOperation
LCMapStringA
GetUserDefaultLangID
EnumResourceLanguagesW
Module32NextW
SetErrorMode
GetVolumeInformationW
RegisterWowBaseHandlers
SetFileShortNameW
ReadConsoleOutputCharacterW
MulDiv
ReplaceFileW
IsValidCodePage
GetCurrentConsoleFont
AddConsoleAliasW
WideCharToMultiByte
SetThreadExecutionState
GetPrivateProfileSectionA
lstrlenA
SetMailslotInfo
LoadLibraryA
GlobalFindAtomA
GetStartupInfoA
lstrcmp
AreFileApisANSI
HeapUnlock
OpenProcess
WritePrivateProfileSectionA
lstrcpyW

crtdll

_cexit
_hypot
_setjmp
wcspbrk
fwscanf
log
atoi
_fdopen
strncmp
_execve
fputs
iswprint
_ismbcsymbol
asin
iswalpha
atexit
localtime
_pclose
_ismbbtrail
_pctype_dll
__threadid
fgetwc
getc
_toupper
_write
sin
_sleep
fabs
_mbbtype

esent

JetAttachDatabase
JetCommitTransaction@8
JetRetrieveTaggedColumnList
JetTerm
JetDefragment2
JetCloseTable
JetStopService
JetRestoreInstance
JetGotoPosition
JetOpenTempTable3
JetAttachDatabaseWithStreaming
JetEscrowUpdate
JetUnregisterCallback
JetSnapshotStart
JetGetBookmark
JetEnableMultiInstance
JetRenameTable
JetGetVersion
JetOpenDatabase
JetMove@16
JetMakeKey
JetEndSession@8
JetBeginExternalBackupInstance
JetEndExternalBackup
JetRollback
JetDupSession
JetTerm@4
JetCreateIndex2
JetIndexRecordCount
JetOSSnapshotFreeze
JetPrepareUpdate@12
JetUpdate@20
JetDeleteColumn
JetSetDatabaseSize

msvcrt

_wfindfirsti64
_y0
_loaddll
fwscanf
__CxxRegisterExceptionObject
__crtGetLocaleInfoW
fprintf
_itoa
_y1
fputs
_wcstoui64
_mbsspnp
sscanf
putchar
__p__tzname
__p___initenv
_inpd
_ismbcl1
sqrt
ungetc
_wgetdcwd
__p___wargv
_ultoa
__dllonexit
__RTCastToVoid
_wfdopen
_time64
_mktime64
setvbuf
_findnext
__getmainargs
_daylight
_wfindnext
??_U@YAPAXI@Z
_strset
_CIacos
_mbctombb
_adj_fdiv_m16i
_ismbbkpunct
__p__mbctype
_ismbbprint
ungetwc
_CIsqrt
_wexecv
printf
_futime

ole32

CoGetCallerTID
HPALETTE_UserMarshal
StgCreateDocfile
StgOpenStorageOnILockBytes
PropVariantCopy
CLIPFORMAT_UserMarshal
OleRegEnumFormatEtc
IIDFromString
OleLoad
OleGetClipboard
HMENU_UserUnmarshal
CoReactivateObject
MonikerRelativePathTo
OleLockRunning
CreateErrorInfo
CoMarshalInterThreadInterfaceInStream
WriteStringStream
PropVariantClear
HBITMAP_UserUnmarshal
CoDisconnectObject
SNB_UserFree
CoRevokeMallocSpy
OleFlushClipboard
CoRegisterPSClsid
IsValidPtrIn
CreatePointerMoniker
UtConvertDvtd16toDvtd32
DcomChannelSetHResult
CoTreatAsClass
ReadClassStg
HDC_UserSize
HENHMETAFILE_UserSize
HBRUSH_UserMarshal
OleSetContainedObject
CoInitializeSecurity
OpenOrCreateStream
CoInitializeWOW
CoDeactivateObject
HMETAFILE_UserSize
BindMoniker
SNB_UserMarshal
SetDocumentBitStg
HACCEL_UserFree
StgOpenAsyncDocfileOnIFillLockBytes
FmtIdToPropStgName

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2036426985aabb157c4da73aa603964f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

crtdll

esent

msvcrt

ole32

Sections

.text Size: 37KB - Virtual size: 37KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 2KB - Virtual size: 11KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 2KB - Virtual size: 11KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 1024B