0fa18b65034d55c73a1df00431fa12d6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0fa18b65034d55c73a1df00431fa12d6_JaffaCakes118
Size

646KB
MD5

0fa18b65034d55c73a1df00431fa12d6
SHA1

32e1ddcad95ea029d71c1548dfa986814a07ff0b
SHA256

72e5e85f65085a3ff4d78c268f8f25ac45efe16d92c9a097ad6721d25d6b7f77
SHA512

5a84966942e046a72de3ed5a66ad5e6c82ae00c8aa84dd9e5848b5acaa057ee60b456a4cdb47f5d7258075820bca773d8f6f7a6786868d9c00f42ad1a722c275
SSDEEP

12288:5THF3xzmU2MwYkpX2C+IY+3Wf/kevcJNEK2uYym+51zBjz/:5THbzmukpLF3ysEczB2uYz+5tBjz/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fa18b65034d55c73a1df00431fa12d6_JaffaCakes118

Files

0fa18b65034d55c73a1df00431fa12d6_JaffaCakes118
.exe windows:3 windows x86 arch:x86

c87183e6bcf007f71f9108dc7d177382

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

msasn1

ASN1BERDecBitString

dhcpsapi

DhcpAddMScopeElement
DhcpAddServer
DhcpAddSubnetElement
DhcpAuditLogGetParams
DhcpAuditLogSetParams
DhcpCreateClass
DhcpCreateClientInfo
DhcpCreateOption
DhcpCreateSubnet
DhcpDeleteClass
DhcpDeleteClientInfo
DhcpDeleteMClientInfo
DhcpDeleteMScope
DhcpDeleteServer
DhcpDeleteSubnet
DhcpDsCleanup
DhcpDsClearHostServerEntries
DhcpDsInit
DhcpEnumClasses
DhcpEnumMScopeClients
DhcpEnumMScopeElements
DhcpEnumMScopes
DhcpEnumOptionValues
DhcpEnumSubnets
DhcpEnumOptions
DhcpEnumServers
DhcpEnumSubnetClients
DhcpEnumSubnetElements
DhcpGetAllOptions
DhcpGetClassInfo
DhcpGetClientInfo

kernel32

CallNamedPipeA
GetTickCount
GetWindowsDirectoryA
GetCommTimeouts
AddAtomA
HeapReAlloc
HeapSetInformation
HeapSize
HeapSummary
GlobalFindAtomW
_lopen
ReleaseMutex
_lread

esent

JetAddColumn
JetAttachDatabase
JetBackup
JetBackupInstance
JetBeginSession
JetBeginTransaction
JetCloseDatabase
JetCloseFile

glu32

gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices
gluLoadSamplingMatrices

Sections

.text
Size: 28KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 158KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 586KB - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.neolit
Size: 5KB - Virtual size: 8KB

Sharing

General

Malware Config

Signatures

Files

c87183e6bcf007f71f9108dc7d177382

Headers

File Characteristics

Imports

msasn1

dhcpsapi

kernel32

esent

glu32

Sections

.text Size: 28KB - Virtual size: 35KB

.data Size: 14KB - Virtual size: 158KB

.rsrc Size: 586KB - Virtual size: 588KB

.neolit Size: 5KB - Virtual size: 8KB

.text
Size: 28KB - Virtual size: 35KB

.data
Size: 14KB - Virtual size: 158KB

.rsrc
Size: 586KB - Virtual size: 588KB

.neolit
Size: 5KB - Virtual size: 8KB