0f9ab36a91c762fc36f74943b546965a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f9ab36a91c762fc36f74943b546965a_JaffaCakes118
Size

39KB
MD5

0f9ab36a91c762fc36f74943b546965a
SHA1

16f4cee57af0fe4b7a846585561db0605bc7462d
SHA256

c25f616e5c353ddda5bdb6da949c04b911b8257603e53437311683e31d2042a8
SHA512

e649673b6c6b24d85fa7b2938b02611762d6cc3ccf485672cfcdff89907140ac2c3d051c23f018587831a698d64b25742da0106190120e79b569586e29f1254d
SSDEEP

768:pBm7yJ+te8y39GdANdxW7+qjaHZx9zhqbTeSTb8Nk4KG:pBm7QWvy1vWhjWqbTeebG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f9ab36a91c762fc36f74943b546965a_JaffaCakes118

Files

0f9ab36a91c762fc36f74943b546965a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4fe30296f237093d11e586ef57d4374f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

perfctrs

OpenTcpIpPerformanceData
OpenSPXPerformanceData
CloseNWNBPerformanceData
OpenNWNBPerformanceData
CloseDhcpPerformanceData
CollectNWNBPerformanceData
CloseTcpIpPerformanceData
CollectSPXPerformanceData
CloseIPXPerformanceData
OpenIPXPerformanceData
OpenNbfPerformanceData
CollectDhcpPerformanceData
CollectNbfPerformanceData
CollectIPXPerformanceData
CollectTcpIpPerformanceData
CloseNbfPerformanceData
OpenDhcpPerformanceData
CloseSPXPerformanceData

pdh

PdhUpdateLogW
PdhValidatePathW
PdhConnectMachineW
PdhVbGetDoubleCounterValue
PdhOpenLogA
PdhReadRawLogRecord
PdhGetCounterTimeBase
PdhValidatePathA
PdhLookupPerfNameByIndexW
PdhOpenQueryA
PdhCollectQueryData
PdhGetDefaultPerfCounterA
PdhGetCounterInfoW
PdhCloseLog
PdhGetDefaultPerfObjectW
PdhCreateSQLTablesA
PdhEnumObjectsA
PdhGetRawCounterArrayA
PdhVbCreateCounterPathList
PdhParseCounterPathW
PdhRelogA

kernel32

CallNamedPipeA
HeapCreate
SetLocalTime
PrepareTape
CopyFileExW
CancelWaitableTimer
GetCurrentThread
HeapUnlock
FillConsoleOutputAttribute
GetCommTimeouts
WriteProcessMemory
SetMessageWaitingIndicator
CommConfigDialogW
SetComputerNameExW
VirtualAlloc
SetVolumeLabelA
GetConsoleAliasW
LoadLibraryA
SetEnvironmentVariableW
GetStartupInfoA
GetCurrentProcessId
SetFileShortNameW
GetLongPathNameW
OutputDebugStringW
GetSystemDefaultLangID
QueryPerformanceCounter
VerLanguageNameA
CompareFileTime

adsldpc

LdapFirstAttribute
AdsTypeToLdapTypeCopyTime
ADsFreeColumn
ADsSetSearchPreference
LdapTypeToAdsTypeDNWithString
LdapGetNextPageS
LdapGetSyntaxIdOfAttribute
SchemaOpen
SchemaGetStringsFromStringTable
ADSIGetObjectAttributes
ADSICloseSearchHandle
ADsDeleteAttributeDefinition
BuildADsPathFromLDAPPath2
ADsGetNextColumnName
FreeADsStr
ADsCreateClassDefinition
InitObjectInfo
intcmp

user32

EnumDisplaySettingsExA
GetClipboardData
FlashWindowEx
CreateAcceleratorTableW
OpenDesktopW
CloseDesktop
CreateWindowExA
GetDCEx
ClientToScreen
SendDlgItemMessageA
GetTopWindow
SetShellWindowEx
GetTabbedTextExtentW
SendMessageCallbackW
GetCursor
RemovePropW

netapi32

NetErrorLogClear
DsRoleAbortDownlevelServerUpgrade
NetFileGetInfo
NetGroupAddUser
I_NetLogonSendToSam
I_NetLogonControl
NetBrowserStatisticsGet
DsRoleGetDcOperationResults
NetpwNameCompare
NetReplExportDirLock
NetLocalGroupGetMembers
NetpwPathCanonicalize
DsRoleDcAsDc
I_NetlogonComputeClientDigest
NetDfsRemove
DsAddressToSiteNamesA
NetDfsRemoveStdRoot
NetpCopyFtinfoContext
DsRoleCancel
NetReplImportDirGetInfo

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fe30296f237093d11e586ef57d4374f

Headers

DLL Characteristics

File Characteristics

Imports

perfctrs

pdh

kernel32

adsldpc

user32

netapi32

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB