1015f57bc3b7ee5758d4767e7c830492_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1015f57bc3b7ee5758d4767e7c830492_JaffaCakes118
Size

233KB
MD5

1015f57bc3b7ee5758d4767e7c830492
SHA1

c6eb42d72f9fb977f2aeaea465c19ddd9d721d00
SHA256

eae47051691c090a6f6296e864fe60c5a95ebdbbc2b2aab53cae2002946e45fd
SHA512

a0bab44d0c358c544031e424c858f2026ac1769d6674946ac7e6289f03b50a4cb91180b12e244e882dd85917263720c116212caa4a2d7f0e2a99fb08199c6c2f
SSDEEP

6144:5X7MW3Y2O0RMmuAt5I0VmoHOlJ4TavrwYbkX1:R71pOA5IcmwOlJ4TaS1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1015f57bc3b7ee5758d4767e7c830492_JaffaCakes118

Files

1015f57bc3b7ee5758d4767e7c830492_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4545e7e63588373f8376626c5a6c31a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

perror
_strnicmp
_CIatan
_strset
sinh
_vsnprintf
_CIacos
_wcslwr
_execlp
iswprint
_ismbbpunct
_ismbbtrail
wcscpy
_eof
malloc
wscanf
__toascii
_spawnle
strcpy
_fgetchar
_purecall
_mbctoupper
_strtime
_mbsdup
_CIcos
__threadid
printf

kernel32

IsBadReadPtr
TransactNamedPipe
CreateActCtxW
EnumerateLocalComputerNamesW
QueryPerformanceCounter
VirtualQueryEx
InterlockedExchange
SetThreadPriority
RemoveLocalAlternateComputerNameA
MoveFileExA
GetNamedPipeHandleStateA
ExitProcess
IsBadHugeReadPtr
LoadLibraryA
ResetEvent
GetTempFileNameW
FindFirstFileExA
FindClose
TransmitCommChar
GetModuleHandleA
SetSystemTime
SetMailslotInfo
CopyFileExW
VirtualAlloc
LZCloseFile
_lwrite
SetProcessWorkingSetSize
EnumCalendarInfoExW
RtlFillMemory
GlobalUnlock
GetSystemTimeAsFileTime
GetTempPathA
GetProcessVersion
LZClose
SetVolumeLabelW
GetLongPathNameA
FatalAppExitW

wldap32

ldap_search_extW
ldap_parse_extended_resultA
ldap_parse_sort_controlA
ldap_free_controlsW
ldap_searchW
ldap_simple_bind_sW
ldap_bind_sW
ldap_sslinit
ldap_free_controlsA
ldap_compare_sW
ber_bvecfree
ldap_get_next_page_s
ldap_parse_reference
ldap_control_freeW
ldap_parse_referenceA
ber_scanf
ldap_check_filterW
ldap_get_next_page
ldap_initA
ldap_delete_extA
ldap_modrdn2A
ldap_err2string
ldap_parse_sort_control
ldap_extended_operation
ldap_parse_vlv_controlA
ldap_startup
ldap_bind_sA
ldap_close_extended_op
ldap_get_values_lenW
ldap_modify_ext
ldap_encode_sort_controlA

gdi32

GetTextCharset
AnyLinkedFonts
PtVisible
STROBJ_dwGetCodePage
EndFormPage
DdEntry31
GetCharWidthI
GdiEntry6
GetTextMetricsA
PlayEnhMetaFileRecord
GdiTransparentBlt
CreatePen
PathToRegion
PatBlt
FixBrushOrgEx
GetOutlineTextMetricsW
GetTextExtentExPointI
STROBJ_bEnum
SetPixel
PolyPolygon
GdiSetAttrs
GdiConvertBitmapV5
GetArcDirection
GetWindowExtEx
GdiStartPageEMF
BRUSHOBJ_hGetColorTransform

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4545e7e63588373f8376626c5a6c31a9

Headers

DLL Characteristics

File Characteristics

Imports

crtdll

kernel32

wldap32

gdi32

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 122KB - Virtual size: 121KB

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 122KB - Virtual size: 121KB

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 4KB