3054f0179978cfbe5ecd45c943d14c14_JaffaCakes118

General

Target

3054f0179978cfbe5ecd45c943d14c14_JaffaCakes118
Size

41KB
MD5

3054f0179978cfbe5ecd45c943d14c14
SHA1

6e32a27185782bfb49278b474c7c7116585e8959
SHA256

d26816f0d626a7d65683b98e4a223244a18e72229c1b3005735852f7ced0c695
SHA512

b2b75b127405d6464824dca721380a1d3b7cbe586c3fd7321e92dba74078cabd213c155a1cc4bbe3337c78d860f6303ad110ddb79bef5d9ec26b566c923a9bb5
SSDEEP

768:iVTYJhsnPJ0dpTVbspEgSBOzaC5An9RS10GJFA8hIx:EMLAqpqRz3An2FAIE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3054f0179978cfbe5ecd45c943d14c14_JaffaCakes118

Files

3054f0179978cfbe5ecd45c943d14c14_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ecb6c6b54da244c171b7d7f5dacb5b5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msdtcprx

DTC_XaComplete
DTC_XaPrepare
DTC_XaEnd
DllGetTransactionManagerCore
DTC_XaCommit
DllGetDTCUtilObject
?GetDtcLogPath@@YGHKPAG@Z
?Create@CNameService@@SGJPAPAV1@@Z
DTC_XaForget
?RemoveDtc@@YGJPAG00@Z
DllGetDTCConnectionManager
?CreateInstance@CTmProxyCore@@SGJPAPAV1@PAUIUnknown@@@Z
DTC_XaRollback
DTC_XaClose
ShutDownCM
DllGetDTCProxy
ContactToNameObject
DTC_XaRecover

kernel32

GlobalFree
CreateSocketHandle
GetUserDefaultLangID
FoldStringA
GetUserDefaultLCID
GetEnvironmentStringsW
RegisterWaitForInputIdle
VDMConsoleOperation
OpenSemaphoreA
SetFileAttributesA
DeleteFileA
lstrcpyW
MultiByteToWideChar
lstrcat
RegisterConsoleIME
GetStringTypeA
LoadLibraryA
SetConsoleLocalEUDC
GetSystemTimeAsFileTime
SetCommConfig

certcli

CARemoveCACertificateType
CASetCertTypeFlags
CAOIDSetProperty
CACertTypeUnregisterQuery
CACreateCertType
CADeleteCertType
CASetCACertificate
CACreateNewCA
CAAddCACertificateType
CASetCertTypePropertyEx
CAGetCertTypeExtensions
CASetCAProperty
CASetCAFlags

crtdll

_ungetch
wcstol
strxfrm
_iob
_findfirst
_strnset
_exit
_cexit
strcoll

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ecb6c6b54da244c171b7d7f5dacb5b5f

Headers

DLL Characteristics

File Characteristics

Imports

msdtcprx

kernel32

certcli

crtdll

Sections

.text Size: 34KB - Virtual size: 33KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 448B

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 34KB - Virtual size: 33KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 448B

.rsrc
Size: 3KB - Virtual size: 2KB