45ae0da047fbc12369af3542382f6207_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45ae0da047fbc12369af3542382f6207_JaffaCakes118
Size

848KB
MD5

45ae0da047fbc12369af3542382f6207
SHA1

113602948a5c020f2b2af8759453a2ec1bcdb016
SHA256

cf5342abdfce4e1cf4c798453b6f1f190aa61c7f9acc622a2e8f4c2c859e5348
SHA512

42dc38ac975a1a2868d76514b6a87507ad7fd8edc7a89a61f9dae9650a263873cb56c431de1eb8071a9261e0a343b8ce7f2d5c56defe899d03c2c8bebf03c53f
SSDEEP

24576:t7/BCMHADaBLOPq5yMWpesgWTcpmhESC32b+:tTBC36yHppLk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45ae0da047fbc12369af3542382f6207_JaffaCakes118

Files

45ae0da047fbc12369af3542382f6207_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4e86e49c7c0f3303d0969b2389bd3587

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetDefaultCommConfigW
SetConsoleIcon
GlobalAddAtomA
lstrcpy
InterlockedFlushSList
IsValidCodePage
GlobalAlloc
SetCommTimeouts
Process32NextW
LZStart
RemoveVectoredExceptionHandler
LoadLibraryA
WaitNamedPipeW
EnumResourceLanguagesA
GetTickCount
ReadFileScatter
RegisterWowExec
InitializeCriticalSection
GetDriveTypeA
GetNumaHighestNodeNumber
VirtualAlloc

msdart

?_CmpExch@CReaderWriterLock3@@AAE_NJJ@Z
?sm_dblDfltSpinAdjFctr@CSpinLock@@1NA
?SetBucketLockSpinCount@CLKRLinearHashTable@@QAEXG@Z
?_LockSpin@CReaderWriterLock2@@AAEX_N@Z
?GetDefaultSpinAdjustmentFactor@CReaderWriterLock3@@SGNXZ
?InitializeVersionInfo@CMdVersionInfo@@CAHXZ
?ReadLock@CFakeLock@@QAEXXZ
?_IsLocked@CSpinLock@@ABE_NXZ
?RemoveEntry@CLockedDoubleList@@QAEXQAVCListEntry@@@Z
??1CDoubleList@@QAE@XZ
?IsEmpty@CSingleList@@QBE_NXZ
?_CurrentThreadId@CSmallSpinLock@@CGJXZ
?IsWriteLocked@CLKRHashTable@@QBE_NXZ
?TryWriteLock@CFakeLock@@QAE_NXZ
?GetSpinCount@CFakeLock@@QBEGXZ
??4CLKRHashTableStats@@QAEAAV0@ABV0@@Z

sqlunirl

_GetDriveType_@4
_FindText_@4
_lstrcpyn_@12
_GetMetaFile_@4
_GetTextExtentPoint@16
_GetClassName_@12
_IsCharAlphaNumeric_@4
_RegDeleteValue_@8
_GetCharWidth_@16
_PolyTextOut_@12
_OpenWindowStation_@12
_NDdeShareGetInfo_@28
_FindFirstChangeNotification_@12
_LoadAccelerators_@8
_WinHelp@16
_lstrcpy_@8

ntdsapi

DsMakePasswordCredentialsW
DsMapSchemaGuidsW
DsFreeSpnArrayA
DsFreeDomainControllerInfoW
DsInheritSecurityIdentityA
DsReplicaConsistencyCheck
DsMapSchemaGuidsA
DsBindW
DsFreeSpnArrayW
DsReplicaAddA
DsReplicaSyncAllA
DsCrackSpn3W
DsCrackUnquotedMangledRdnA
DsUnBindW
DsFreeDomainControllerInfoA
DsFreePasswordCredentials
DsReplicaGetInfoW
DsMakePasswordCredentialsA

inetcomm

MimeEditIsSafeToRun
MimeOleGetPropW
MimeEditCreateMimeDocument
EssSecurityLabelDecodeEx
EssMLHistoryEncodeEx
MimeOleGetFileInfo
HrFreeAttachData
MimeOleSMimeCapsFull
MimeOleFileTimeToInetDate
CreateRASTransport
MimeOleGenerateFileName
MimeOleFindCharset
MimeOleParseRfc822AddressW
MimeEditGetBackgroundImageUrl
MimeOleSMimeCapInit
HrGetLastOpenFileDirectoryW

iprop

StgCreatePropStg
StgCreatePropSetStg
FmtIdToPropStgName
FreePropVariantArray
StgOpenPropStg
PropVariantClear
PropVariantCopy
PropStgNameToFmtId

Sections

.text
Size: 716KB - Virtual size: 715KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e86e49c7c0f3303d0969b2389bd3587

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msdart

sqlunirl

ntdsapi

inetcomm

iprop

Sections

.text Size: 716KB - Virtual size: 715KB

.rdata Size: 124KB - Virtual size: 123KB

.data Size: 4KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 716KB - Virtual size: 715KB

.rdata
Size: 124KB - Virtual size: 123KB

.data
Size: 4KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB