0f66b1c9fc3692b6547342a158ea8bdb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f66b1c9fc3692b6547342a158ea8bdb_JaffaCakes118
Size

372KB
MD5

0f66b1c9fc3692b6547342a158ea8bdb
SHA1

fb698cf35efffddb4275c0e37aa1f718ea5632ac
SHA256

1531d9ab4e455345389d94d1d5480d996b118c0ce9c61756fadd3a392083c4d7
SHA512

060019077690ea56afa523fa422120c76e6387b1192e3818210d6d2757d6055af433be0d0c236db49836b6a4c3f21404450599e7a6d5f1efcb7f4de1141a7cac
SSDEEP

6144:TD0Huuu9Kp96dfJ51hiotCg/8rN+WFN++FEG4T0:889C6RJHDt0rYa4T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f66b1c9fc3692b6547342a158ea8bdb_JaffaCakes118

Files

0f66b1c9fc3692b6547342a158ea8bdb_JaffaCakes118
.dll windows:1 windows x86 arch:x86

1ce883d48c12845014b1923f1063d4df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LeaveCriticalSection
DeleteCriticalSection
GetEnvironmentStrings
IsDBCSLeadByte
SetFilePointer
CloseHandle
OutputDebugStringA
GetFileAttributesA
GetCommandLineA
GlobalMemoryStatus
VirtualQuery
TlsFree
GetProcAddress
EnterCriticalSection
TlsGetValue
RaiseException
GetStdHandle
GetFileType
CreateFileA
ExitProcess
GetModuleFileNameA
GetVersionExA
TlsAlloc
VirtualAlloc
WriteFile
UnhandledExceptionFilter
SetConsoleCtrlHandler
GetStartupInfoA
GetLocalTime
GetCurrentThreadId
VirtualFree
TlsSetValue
SetHandleCount
RtlUnwind
InitializeCriticalSection
GetVersion
GetModuleHandleA
GetLastError
FreeEnvironmentStringsA

idapi32

ExprGenPostFix
ImltCreateTable2
OsUnlink
ImltCreateTable
LsGetTimeStampEncode
OsReadExact
_OsRealloc
LsTimeStampEncode
OsLoadDll
LsTimeStampDecode
OsWriteExact
OsSaveErrorByLang
OsFreeDll
OsGetProcAddressByName
CreateUniqFldNames
SqlDateString
TCONC
NCONC
ADDELT
MEMB
NCONS
LISTLENGTH
QGETM
DbiBatchMove
LsGetTime
ExecCallBack
GetCallBack
LsTimeDecode
OsClose
_OsCalloc
DbiGetDirectory
RegCallBack
CloseCallBack
LsTimeEncode
OpenCallBack
LBlobOpen
LsGetDate
OsOpenRW
OsLdIsAlpha
GetWorldFlags
OsLdUnloadObj
LsDateDecode
OsSetPrivateProfileString
OsGetPrivateProfileString
OsLdMBRStrICmp
OsLdMBRStrChr
OsLdMBRStrNICmp
OsLdMBRisKana
OsLdMBRisLead
OsLdOemToAnsi
CreateDrvObj
CreateDbObj
OsLdAnsiToOem
LsDateEncode
OsSeek
_OsMalloc
CreateVtObj
OsGetProcessId
OsLdGetSymbName
OsGetSharedPtr
OsMuxUnlock
OsLdStrnToUpper
OsClearError
OsMuxLock
OsFileExistsSearch
OsLdStrnCmpi
DbiFreeSQLRequest
DbiGetSQLRequest
OsLdStrnCmp
OsGetTempName
OsCreate
OsNmBldFName
OsNmPrsFName
OsLdLoadBySymbName
DbiGetObjFromName
SysYield
OsLdGetDefaultObj
OsGetTime
OsNmGetFName
OsSwFree
DbiSetToBegin
_OsFree
OsSwMalloc
DbiDeleteTable
DbiOpenTable
FAMILY
OsFileLength
TYPEOF
PARSEPATTERN

user32

OemToCharA
MessageBoxA
IsCharAlphaNumericA
EnumThreadWindows

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
DllEntryPoint
SqlDrvInit
__DebuggerHookData

Sections

CODE
Size: 314KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 42KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1ce883d48c12845014b1923f1063d4df

Headers

File Characteristics

Imports

kernel32

idapi32

user32

Exports

Exports

Sections

CODE Size: 314KB - Virtual size: 316KB

DATA Size: 42KB - Virtual size: 56KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 9KB - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 4KB

CODE
Size: 314KB - Virtual size: 316KB

DATA
Size: 42KB - Virtual size: 56KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 4KB