JaffaCakes118_2a27ef2d9715982118c1ca7fff34951c

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_2a27ef2d9715982118c1ca7fff34951c
Size

831KB
MD5

2a27ef2d9715982118c1ca7fff34951c
SHA1

282ade51e4c753c4851f93634adddad8e396b4e1
SHA256

37cd5aa0a66c7f5687fe5fcac5c86e2295538b5795dcd67f19d20d3c14a951f3
SHA512

77d2ca01b9d0f6f09291aed3203728bc311af63028135971354c62ede75d9b8197f5e4aaa38f3329f334b43be048704215df8c06ab1b435c63130697b8fa5d99
SSDEEP

24576:0F+L86wT24LmDlEgCuEoLd/zwMkkrVKaO:E+hwT2dDlEgi+zwYYa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_2a27ef2d9715982118c1ca7fff34951c

Files

JaffaCakes118_2a27ef2d9715982118c1ca7fff34951c
.exe windows:5 windows x86 arch:x86

5bc1b5be106616885330207ab89a63a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntprint

PSetupCreateMonitorInfo
PSetupDestroyPrinterDeviceInfoList
PSetupIsCompatibleDriver
PSetupGetDriverInfo3
PSetupCreateDrvSetupPage
PSetupProcessPrinterAdded
PSetupBuildDriversFromPath
PSetupDestroyMonitorInfo
PSetupDestroySelectedDriverInfo
PSetupSelectDriver
PSetupFreeDrvField
PSetupInstallInboxDriverSilently
PSetupEnumMonitor
PSetupInstallMonitor
PSetupShowBlockedDriverUI
PSetupGetLocalDataField
PSetupInstallPrinterDriver
PSetupIsDriverInstalled
PSetupSelectDeviceButtons
PSetupGetSelectedDriverInfo
PSetupInstallICMProfiles
PSetupSetSelectDevTitleAndInstructions
ClassInstall32
PSetupDestroyDriverInfo3
PSetupDriverInfoFromName
PSetupAssociateICMProfiles
PSetupPreSelectDriver

kernel32

MapViewOfFileEx
Heap32Next
VirtualLock
ReadConsoleOutputCharacterW
SetLocalPrimaryComputerNameA
LoadLibraryW
HeapDestroy
WriteTapemark
GetCurrentConsoleFont
CompareStringW
GetProcessIoCounters
GetUserGeoID
TzSpecificLocalTimeToSystemTime
GetModuleHandleW
GetCPInfoExW
RegisterWaitForSingleObjectEx
HeapSetInformation
GetLocaleInfoA
Beep
GetHandleInformation
GetEnvironmentStrings
WriteConsoleOutputCharacterA
BaseUpdateAppcompatCache
GetCurrentThread

ntdll

DbgUiGetThreadDebugObject
ZwOpenProcess
ZwFlushKey
CsrFreeCaptureBuffer
_ltoa
ZwEnumerateValueKey
strlen
ZwDebugContinue
RtlCreateAtomTable
RtlQueryRegistryValues
cos
NtFlushKey
RtlInitializeHandleTable

untfs

Extend
?SafeQueryAttribute@NTFS_FRS_STRUCTURE@@QAEEKPAVNTFS_ATTRIBUTE@@0@Z
?QueryClusterFactor@NTFS_SA@@QBEEXZ
?ResetIterator@NTFS_INDEX_TREE@@QAEXXZ
??1NTFS_BITMAP@@UAE@XZ
?IsAttributePresent@NTFS_FILE_RECORD_SEGMENT@@QAEEKPBVWSTRING@@E@Z
?NtfsUpcaseCompare@@YGJPBGK0KPBVNTFS_UPCASE_TABLE@@E@Z
??1NTFS_FILE_RECORD_SEGMENT@@UAE@XZ
?CompareDupInfo@NTFS_MFT_INFO@@SGEPAXPAU_FILE_NAME@@@Z
??0NTFS_REFLECTED_MASTER_FILE_TABLE@@QAE@XZ
?Initialize@NTFS_UPCASE_TABLE@@QAEEPAVNTFS_ATTRIBUTE@@@Z
?QueryFileReference@NTFS_INDEX_TREE@@QAEEKPAXKPAU_MFT_SEGMENT_REFERENCE@@PAE@Z
?Resize@NTFS_ATTRIBUTE@@UAEEVBIG_INT@@PAVNTFS_BITMAP@@@Z

wldap32

ldap_modify_extA
ldap_create_page_controlW
ldap_simple_bind_s
ldap_delete_extA
ldap_sslinit
ldap_get_next_page_s
ldap_compareW
ldap_cleanup
ldap_free_controlsW
ldap_search_ext_s
ldap_add_ext_sW
ldap_search_init_page
ldap_get_next_page
ldap_extended_operationW
ldap_dn2ufn

Sections

.text
Size: 369KB - Virtual size: 369KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5bc1b5be106616885330207ab89a63a8

Headers

DLL Characteristics

File Characteristics

Imports

ntprint

kernel32

ntdll

untfs

wldap32

Sections

.text Size: 369KB - Virtual size: 369KB

.rdata Size: 90KB - Virtual size: 90KB

.data Size: 189KB - Virtual size: 1.6MB

.rsrc Size: 180KB - Virtual size: 180KB

.reloc Size: 1024B - Virtual size: 856B

.text
Size: 369KB - Virtual size: 369KB

.rdata
Size: 90KB - Virtual size: 90KB

.data
Size: 189KB - Virtual size: 1.6MB

.rsrc
Size: 180KB - Virtual size: 180KB

.reloc
Size: 1024B - Virtual size: 856B