303036e1c7bcd2a94eaae81e9bc62111_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

303036e1c7bcd2a94eaae81e9bc62111_JaffaCakes118
Size

85KB
MD5

303036e1c7bcd2a94eaae81e9bc62111
SHA1

368de4d48d78428b0940e79022cc00d10ebdaaf6
SHA256

d47faa91144504688d1fe924102b7796154688f059fba2c83da53be295f58bb8
SHA512

22fbe62f063f95b0f5b2c806c1179aa6d6134baeb9f9dff880b64a635b12a8ef266275f2e5d74c3432242e4cc4db088b4ff9e4accfee3e7a3ec936485d8c7fc4
SSDEEP

1536:sC4qoPEz2xUbMpazB60nVZihzdyiu1+z3V4EqLmksJPCsYZMndJgAY:f4qoPEyubua40Lwzdy3glvipOcAY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
303036e1c7bcd2a94eaae81e9bc62111_JaffaCakes118

Files

303036e1c7bcd2a94eaae81e9bc62111_JaffaCakes118
.exe windows:5 windows x86 arch:x86

97203fd9b767ea07d25f37453135942a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

query

??0CDFA@@QAE@PBGAAVCTimeLimit@@E@Z
?QueryInterface@CEmptyPropertyList@@UAGJABU_GUID@@PAPAX@Z
?GetTotalSizeInKB@CPropStoreManager@@QAEKXZ
?DecodeHtmlNumeric@@YGXPAG@Z
??1CPropStoreManager@@QAE@XZ
?Read@CDynStream@@QAEKPAXK@Z
?IsWriteProtected@CDriveInfo@@QAEHXZ
??0CEventLog@@QAE@PBG0@Z
?GetSortProp@CCatState@@QBEXIPAPBGPAW4SORTDIR@@@Z
??0CPropertyValueParser@@QAE@AAVCQueryScanner@@GK@Z
?VT_VARIANT_EQ@@YGHABUtagPROPVARIANT@@0@Z
_LoadBHIFilter@16
?GetPropInfoFromName@CEmptyPropertyList@@UAGJPBGPAPAUtagDBID@@PAGPAI@Z
??0CColumns@@QAE@ABV0@@Z
?IsDirectoryWritable@@YGHPBG@Z
?SetUI4@CStorageVariant@@QAEXKI@Z
?SetDWORDParam@CMachineAdmin@@QAEXPBGK@Z
?SetDWORDParam@CCatalogAdmin@@QAEXPBGK@Z
??0CGetDbProps@@QAE@XZ
??1CRangeRestriction@@QAE@XZ
?_ftFile@CGlobalPropFileRefresher@@0U_FILETIME@@A
??0CMmStream@@QAE@KH@Z
??0CCategorizationSet@@QAE@ABV0@@Z

iphlpapi

_PfBindInterfaceToIPAddress@12
GetUdpStatistics
GetTcpStatisticsEx
InternalSetIpNetEntry
GetIpStatisticsEx
CreateIpNetEntry
InternalSetIpStats
_PfDeleteInterface@4
GetAdapterOrderMap
SetIpStatistics
NotifyRouteChange
InternalGetIpAddrTable
InternalSetTcpEntry
GetRTTAndHopCount
GetIpAddrTable
SetTcpEntry
do_echo_rep
Icmp6CreateFile
DeleteProxyArpEntry
GetIpForwardTable
SetIpTTL
InternalGetIfTable

setupapi

SetupFreeSourceListW
pSetupRealloc
SetupDiSelectBestCompatDrv
CM_Get_Device_ID_List_ExW
SetupDiGetClassInstallParamsW
SetupDiSetDriverInstallParamsW
SetupQueueDeleteSectionA
CM_Locate_DevNodeA
SetupRemoveInstallSectionFromDiskSpaceListA
pSetupGetField
SetupDiGetDriverInstallParamsW
SetupAddInstallSectionToDiskSpaceListA
CM_Run_Detection
SetupLogErrorA
SetupDiSetClassRegistryPropertyA
SetupDiGetActualSectionToInstallW
SetupQueueRenameW
SetupDiInstallDeviceInterfaces
CM_Next_Range
SetupSetFileQueueAlternatePlatformW
CM_Get_Version_Ex
SetupRemoveFromDiskSpaceListA
pSetupStringTableInitialize
pSetupFree

rasapi32

RasCreatePhonebookEntryA
RasValidateEntryNameW
RasSetEntryPropertiesA
RasGetAutodialEnableW
RasSetEntryDialParamsA
RasGetEapUserDataW
UnInitializeRAS
RasEnumEntriesW
RasSetEapUserDataW
RasGetEntryDialParamsW
RasScriptInit
RasGetProjectionInfoW
RasGetErrorStringA
RasScriptSend
RasDialW
RasEnumAutodialAddressesW
RasAutoDialSharedConnection
RasSetCustomAuthDataW
RasGetEntryHrasconnW
RasSetAutodialEnableA
RasEnumConnectionsW

kernel32

LoadLibraryA
GetLastError
DeleteTimerQueue
VirtualAllocEx
GetPrivateProfileStructW
GetCurrentThreadId
GetConsoleAliasW
VirtualAlloc
DebugSetProcessKillOnExit
GetSystemTimeAsFileTime
MoveFileA
FreeEnvironmentStringsW
DeleteFiber
GetStartupInfoA
Module32NextW
AreFileApisANSI
Process32FirstW
GetProfileIntW
PeekNamedPipe
LockFileEx
GetTickCount
HeapCreate
QueryPerformanceCounter
SetHandleCount
CreateThread
GetCurrentProcessId

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97203fd9b767ea07d25f37453135942a

Headers

DLL Characteristics

File Characteristics

Imports

query

iphlpapi

setupapi

rasapi32

kernel32

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 19KB - Virtual size: 46KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 280B

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 19KB - Virtual size: 46KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 280B