Static task: static1
Behavioral task: behavioral1
Sample: 14d8999f2792a755c6f5881e2232294a_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 14d8999f2792a755c6f5881e2232294a_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 14d8999f2792a755c6f5881e2232294a_JaffaCakes118
Size: 44KB
MD5: 14d8999f2792a755c6f5881e2232294a
SHA1: 34789a36853dadaff6f9fed058e9b171050bbfe0
SHA256: b786930ca0d9bf58c4743d26d1418847264b5cae592ecbd6da6f837c1912cb6d
SHA512: b6e60f8aeb3db2a5137a4229c0bc38e0d754fd94c3e212ac9034d111f85a570abe86a00315285c1b116c55c84f984cfdfff0b1268c1974f3071b227b65414b9d
SSDEEP: 768:JmJvi2tk1/5j9gw9dQzMkaU9i2xbwtdDVkrgp142cjOiJ8lbxjmzPJqW:J+vi285h7kaoGBVkrS4siJ8lbNiJB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 14d8999f2792a755c6f5881e2232294a_JaffaCakes118
Files
14d8999f2792a755c6f5881e2232294a_JaffaCakes118.exe windows:5 windows x86 arch:x86
0dc076c8a46ee6cc9ceb2fb16e33287f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetConsoleCP
lstrcpy
LoadLibraryA
ExitProcess
SetLastError
RtlCaptureStackBackTrace
SetThreadLocale
GetProcessIoCounters
SetConsoleActiveScreenBuffer
FreeResource
IsValidLocale
SetCommState
DebugActiveProcessStop
IsDebuggerPresent
WaitForMultipleObjects
GenerateConsoleCtrlEvent
RtlCaptureContext
InitializeCriticalSection
EnumResourceNamesW
AttachConsole
VirtualAlloc
GetSystemTimeAsFileTime
OpenJobObjectA
SetComPlusPackageInstallStatus
GetModuleHandleA
WriteConsoleInputVDMA
SetFileValidData
GetEnvironmentStringsW
GetCurrentActCtx
OutputDebugStringA
WriteFile
ExpungeConsoleCommandHistoryA
olecli32
DibQueryBounds
DibClone
OleQueryOpen
LeSaveToStream
GenRelease
LeClone
OleSaveToStream
LeObjectConvert
OleRequestData
BmChangeData
DibRelease
OleObjectConvert
OleQuerySize
OleIsDcMeta
LeReconnect
OleEqual
ObjRename
DibEqual
OleQueryBounds
MfCopy
OleSetColorScheme
LeExecute
OleSetTargetDevice
crtdll
rand
_cprintf
isalnum
wcsncat
malloc
_yn
_isatty
__doserrno
_cwait
vprintf
_ismbckata
_wcsrev
fwscanf
__pxcptinfoptrs
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_mbbtype
atoi
_strnextc
perror
_rotr
_y1
ntdll
RtlCreateUnicodeStringFromAsciiz
ZwTraceEvent
RtlMakeSelfRelativeSD
ZwPrivilegedServiceAuditAlarm
RtlMultiAppendUnicodeStringBuffer
towlower
NtFlushWriteBuffer
isgraph
_memicmp
RtlFreeHandle
bsearch
_ui64toa
DbgUiStopDebugging
RtlDeleteElementGenericTable
RtlConvertSharedToExclusive
RtlLargeIntegerSubtract
RtlLocalTimeToSystemTime
ZwQueryPortInformationProcess
ZwStartProfile
NtQueryInformationPort
RtlDosPathNameToNtPathName_U
ZwOpenDirectoryObject
ZwSetUuidSeed
RtlRunDecodeUnicodeString
NtSetInformationDebugObject
opengl32
glLineStipple
glPixelMapusv
wglShareLists
glVertex2fv
glColorPointer
glPixelTransferf
glMapGrid1f
glRasterPos4d
wglGetLayerPaletteEntries
glTexGendv
glIndexsv
glDrawElements
glScaled
glRasterPos4iv
wglGetPixelFormat
glVertex2i
mtxclu
MtxCluIsSameClusterW
MtxCluGetComputerNameW
MtxCluIsClusterPresent
MtxCluGetSecurityRegValue
Startup
MtxCluGetDTCStatusW
MtxCluTakeOfflineDTCW
MtxCluIsNetworkNameInLocalClusterW
MtxCluBringOnlineDTCW
MtxCluIsClusterPresentExW
MtxCluGetDTCVirtualServerNameW
MtxCluSetSecurityRegValue
MtxCluIsSameNodeW
Sections
.text Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ