97f5363fde5840aa0955fa7973b55bd6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

97f5363fde5840aa0955fa7973b55bd6_JaffaCakes118
Size

1.8MB
MD5

97f5363fde5840aa0955fa7973b55bd6
SHA1

5fe349614aacd19fca5a55c700ef3f68c495f807
SHA256

c8467cc1d148c7212715df7db077db2c47b98a4ff77da2c721466cf4d1c948ef
SHA512

25d2d54719c92df1b867fb915e259b480394e904ff4580591c483e1a70a71ed55ccafc0aac524baae6a823c4c1da105caebb58e6e5f65139aa76bb3683018eea
SSDEEP

49152:JU3yrKJ6DeVOG9P1XkIJ2eI12xNRMLShBqL91V2vTA:J0BJ6QOEPHx2cNCLR12c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
97f5363fde5840aa0955fa7973b55bd6_JaffaCakes118

Files

97f5363fde5840aa0955fa7973b55bd6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f5a80cb2c3e28b7fc9d75a6881ec739a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\\Release\SqlDataReader.pdb

Imports

kernel32

SetStdHandle
GetEnvironmentStringsW
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetACP
GetStdHandle
HeapCreate
VirtualFree
VirtualQuery
GetSystemInfo
HeapSize
HeapReAlloc
CreateThread
GetFileType
ExitThread
HeapFree
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitProcess
Sleep
HeapAlloc
GetTickCount
GetModuleHandleW
SetErrorMode
GetFileSizeEx
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileAttributesExA
FileTimeToLocalFileTime
GetCurrentDirectoryA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
VirtualProtect
QueryPerformanceCounter
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
RtlUnwind
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FormatMessageA
LocalFree
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
SetHandleCount
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
InterlockedDecrement
MulDiv
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
SetFileTime
GetFileAttributesA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
CloseHandle
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
lstrlenA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
WideCharToMultiByte
CompareStringA
LoadLibraryA
SetLastError
MultiByteToWideChar
FreeLibrary
lstrcmpW
GetModuleHandleA
GetProcAddress
GetVersionExA
SizeofResource
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
FreeResource
GetSystemTime
GetFileTime
EnumDateFormatsA
GetProfileStringA
GetLocalTime
VirtualAlloc
GetLastError
GetModuleFileNameW
FileTimeToSystemTime
CreateEventA
GlobalAlloc
GetSystemTimeAsFileTime
WaitForSingleObject
GetCurrentProcess
MapUserPhysicalPages
CreateFileA
RaiseException
WriteConsoleA

user32

GetMenuItemInfoA
InflateRect
AppendMenuA
InsertMenuA
RemoveMenu
GetSysColorBrush
CharUpperA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
SetRectEmpty
IsZoomed
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ReleaseCapture
SetCapture
KillTimer
SetTimer
ClientToScreen
SetWindowRgn
IsRectEmpty
DestroyCursor
InvalidateRect
SetRect
ReleaseDC
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
ShowOwnedPopups
PostQuitMessage
ShowWindow
MoveWindow
IsDialogMessageA
DeleteMenu
LoadIconA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetSubMenu
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
DestroyIcon
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
PtInRect
GetMenu
SetWindowLongA
SetWindowPos
CreateMenu
PostThreadMessageA
GetTabbedTextExtentA
WindowFromPoint
CheckRadioButton
UnregisterClassA
OffsetRect
RegisterClipboardFormatA
RegisterWindowMessageA
IntersectRect
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
IsWindow
GetNextDlgTabItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
DestroyWindow
SetCursor
GetMessageA
SetActiveWindow
SendDlgItemMessageA
FillRect
GetMenuItemID
GetKeyState
LoadBitmapA
IsWindowEnabled
DrawIcon
SetFocus
SetPropA
MessageBoxA
SetCursorPos
GetWindowLongA
CreateWindowExA
GetDlgItem
EndDialog
GetSysColor
GetCursorPos
GetMenuStringA
CheckDlgButton
LoadAcceleratorsA
IsDlgButtonChecked
CreateDialogParamW
GetMenuItemCount
PostMessageA
CreateWindowExW
SystemParametersInfoA
GetSystemMetrics
SetWindowTextA
LoadCursorA
GetDlgItemTextA
DrawFrameControl
SetDlgItemTextA
CopyRect
GetClientRect
SendMessageA
UpdateWindow
EnableWindow
GetDC

gdi32

CreatePatternBrush
CreateSolidBrush
GetTextMetricsA
GetTextExtentPoint32A
GetCharWidthA
CreateFontA
StretchDIBits
CreateCompatibleBitmap
CreateFontIndirectA
GetTextColor
GetRgnBox
ScaleWindowExtEx
GetMapMode
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
ExtSelectClipRgn
GetBkColor
SetTextAlign
MoveToEx
LineTo
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
Escape
ExtTextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
DeleteObject
GetTextAlign
GetCurrentPositionEx
IntersectClipRect
ExcludeClipRect
SetBkColor
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
Ellipse
LPtoDP
CreateEllipticRgn
CreateDCA
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
GetStockObject
Rectangle
DPtoLP
GetViewportOrgEx
GetDeviceCaps
CreatePen
CreateRectRgnIndirect
TextOutA
GetObjectA
SetStretchBltMode
GdiAlphaBlend
SetDCPenColor
CreateCompatibleDC
SelectObject
StretchBlt
CreateDIBSection
DeleteDC
SetTextColor
SetViewportOrgEx
PatBlt
BitBlt
CreateBitmap
GetClipBox

comdlg32

ChooseColorA
GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
GetJobA
OpenPrinterA

advapi32

RegQueryValueA
OpenProcessToken
GetTokenInformation
RegCreateKeyA
RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
CryptGetHashParam
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CryptGetKeyParam

shell32

ExtractIconExA
DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragFinish

comctl32

InitCommonControlsEx
ImageList_Add
CreateToolbarEx

shlwapi

PathFindFileNameW
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathUnquoteSpacesA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoRevokeClassObject
CoInitializeEx
CoCreateInstance
CoTaskMemFree
CoUninitialize
CLSIDFromString
CLSIDFromProgID
RegisterDragDrop
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
CoGetClassObject
CreateILockBytesOnHGlobal
CoRegisterMessageFilter

oleaut32

VariantTimeToSystemTime
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
VariantCopy

iphlpapi

_PfDeleteInterface@4
_PfCreateInterface@24
_PfBindInterfaceToIPAddress@12
GetAdaptersInfo
_PfAddFiltersToInterface@24

netapi32

NetWkstaUserGetInfo

avifil32

AVIFileRelease

avicap32

capCreateCaptureWindowA

msacm32

acmDriverDetailsA

winmm

mmioSeek

rpcrt4

RpcErrorAddRecord
RpcGetAuthorizationContextForClient
RpcFreeAuthorizationContext

gdiplus

GdipCreateFromHDC
GdipGetImageEncoders
GdipCreateBitmapFromFile
GdipDisposeImage
GdipGetImageEncodersSize
GdipAlloc
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipDeleteGraphics
GdipCreateBitmapFromFileICM
GdipFree
GdipCloneImage

opengl32

glLoadIdentity
glViewport
glOrtho
glMatrixMode

glu32

gluLookAt

dbghelp

EnumerateLoadedModules

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

wtsapi32

WTSQuerySessionInformationA

uxtheme

SetWindowTheme

wsnmp32

ord600
ord504

Sections

.text
Size: 375KB - Virtual size: 374KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5a80cb2c3e28b7fc9d75a6881ec739a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

iphlpapi

netapi32

avifil32

avicap32

msacm32

winmm

rpcrt4

gdiplus

opengl32

glu32

dbghelp

oleacc

wtsapi32

uxtheme

wsnmp32

Sections

.text Size: 375KB - Virtual size: 374KB

.rdata Size: 101KB - Virtual size: 101KB

.data Size: 18KB - Virtual size: 33KB

.rsrc Size: 1.3MB - Virtual size: 1.6MB

.text
Size: 375KB - Virtual size: 374KB

.rdata
Size: 101KB - Virtual size: 101KB

.data
Size: 18KB - Virtual size: 33KB

.rsrc
Size: 1.3MB - Virtual size: 1.6MB