2779198c6197ecbf02d495bdfcc30bde_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2779198c6197ecbf02d495bdfcc30bde_JaffaCakes118
Size

864KB
MD5

2779198c6197ecbf02d495bdfcc30bde
SHA1

fbaebc889ab110a157efaaddc1b6c1adcdcfb66a
SHA256

a3693e71976dcfb1df69eae553d4cef2e5917b04c1ecc1b2595212fee4ad2b83
SHA512

383f8cda0bfb094bd8596e0188db84a6cb626341a48e35548b7e8c7419887fcd0f7c3998fde68cab9f9c061721b7c60e3b5e1344d36a9458ead589499347c44e
SSDEEP

12288:SVOYzP2bVFC2Jcf11aiuzRoL0A+/uD0IrcqQOGW7bxY0mY43mpSW32nRPI:q7j2Hu1E+LE/uD06x7brmn2oW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2779198c6197ecbf02d495bdfcc30bde_JaffaCakes118

Files

2779198c6197ecbf02d495bdfcc30bde_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cf09ddb1ce63c9650f879a3a477b4100

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

odbccu32

SQLSetDescField
SQLBulkOperations
SQLParamData
SQLGetDescField
SQLSetDescRec
SQLSetStmtAttr
SQLFreeHandle
SQLMoreResults
SQLSetPos
SQLGetData
SQLExtendedFetch
SQLTransact
SQLPutData
SQLCancel
SQLRowCount
SQLParamOptions
SQLBindParameter
SQLPrepare
SQLSetStmtOption
ReleaseCLStmtResources
SQLGetStmtOption
SQLFetchScroll
SQLCloseCursor
SQLSetConnectOption
SQLFreeStmt
SQLNativeSql
SQLBindCol
SQLSetScrollOptions
SQLEndTran
SQLGetInfo
SQLGetDescRec
SQLGetStmtAttr
SQLNumParams
SQLExecute
SQLSetConnectAttr
SQLFetch
SQLExecDirect

uxtheme

GetThemeIntList
GetThemeSysBool
GetThemeSysColor
SetWindowTheme
GetThemeBackgroundExtent
GetThemeFont
GetThemeFilename
GetThemePartSize
GetThemeTextExtent
IsAppThemed
GetThemeSysSize
DrawThemeEdge
DrawThemeText
CloseThemeData
GetThemeSysInt
GetThemePosition
GetThemeAppProperties
GetThemeSysFont
IsThemeActive
GetThemeColor
DrawThemeIcon
GetThemeDocumentationProperty
GetThemeInt
IsThemePartDefined
GetThemeTextMetrics
GetThemeString
GetThemePropertyOrigin
GetWindowTheme
EnableTheming
GetThemeSysColorBrush
GetCurrentThemeName
EnableThemeDialogTexture
IsThemeBackgroundPartiallyTransparent
GetThemeBackgroundRegion
GetThemeBool
GetThemeBackgroundContentRect
GetThemeMargins
OpenThemeData
GetThemeMetric
DrawThemeBackground
DrawThemeParentBackground
IsThemeDialogTextureEnabled
GetThemeRect

rasman

RasRpcGetUserPreferences
RasSecurityDialogReceive
RasPortSetFraming
RasSetDeviceConfigInfo
RasPortSend
RasRegisterPnPEvent
RasRpcSetUserPreferences
RasRpcDisconnectServer
RasSecurityDialogSend
RasSetEapUserInfo
RasPortCancelReceive
RasEnumLanNets
RasGetUnicodeDeviceName
RasPortReserve
RasRpcDisconnect
RasRpcGetInstalledProtocolsEx
RasPortGetStatisticsEx
RasRpcGetCountryInfo
RasSendNotification
RasSetPortUserData
RasActivateRoute
RasPortBundle
RasmanUninitialize
RasPortConnectComplete
RasDeviceSetInfo
RasDeAllocateRoute

kernel32

CreateTapePartition
VerifyVersionInfoA
GetMailslotInfo
VirtualAlloc
FormatMessageA
IsValidCodePage
EnumResourceLanguagesW
GetProfileStringW
Thread32Next
GlobalFree
SuspendThread
EnumSystemLanguageGroupsW
lstrcmpiA
CreateMutexW
LocalShrink
FreeEnvironmentStringsW
SetConsoleMenuClose
BaseFlushAppcompatCache
GlobalFindAtomA
CallNamedPipeW
InitializeCriticalSection
CreateMailslotW
GetFullPathNameW
GetTempFileNameA
lstrcpynA
EnumSystemCodePagesW
IsBadWritePtr
TlsGetValue
LoadLibraryA
DosDateTimeToFileTime
CopyFileExA

gdi32

GetDeviceGammaRamp
FONTOBJ_cGetAllGlyphHandles
EngUnicodeToMultiByteN
CreateSolidBrush
GdiConvertDC
GetHFONT
PATHOBJ_vGetBounds
SetWindowOrgEx
GetRegionData
DdEntry19
SetDIBits
GdiStartPageEMF
DdEntry0
GdiEntry14
GdiValidateHandle
EngGetPrinterDataFileName
GetMiterLimit
GdiAlphaBlend
SetArcDirection
EngWideCharToMultiByte
CreateDCA
TextOutW
GetObjectType
Rectangle
DdEntry56
HT_Get8BPPMaskPalette
SetWinMetaFileBits
RemoveFontResourceW
DdEntry53
ExtEscape
GdiGetLocalDC
CreateCompatibleDC
BRUSHOBJ_ulGetBrushColor
GdiGetCharDimensions

imm32

ImmSystemHandler
ImmGetContext
ImmGetCompositionStringW
ImmGetRegisterWordStyleW
ImmGetCompositionStringA
ImmUnlockIMCC
ImmCallImeConsoleIME
ImmWINNLSGetIMEHotkey
ImmIMPQueryIMEA
ImmGetOpenStatus
ImmGetStatusWindowPos
ImmLockIMCC
ImmGetHotKey
ImmCreateIMCC
ImmSimulateHotKey
ImmSendIMEMessageExW
ImmEnumRegisterWordA
ImmSetStatusWindowPos
ImmCreateSoftKeyboard
ImmUnlockIMC
ImmGetIMCCLockCount
ImmShowSoftKeyboard
ImmIsIME
ImmGetCandidateListW
ImmRegisterClient
ImmGetIMCLockCount
ImmTranslateMessage
ImmEnumRegisterWordW
ImmProcessKey
ImmDestroySoftKeyboard
ImmInstallIMEA
ImmGetImeMenuItemsA
ImmGetCompositionFontW
ImmIMPSetIMEA
ImmGetRegisterWordStyleA
ImmDestroyIMCC
ImmLoadLayout

apphelp

SdbFindNextTag
SdbOpenApphelpInformation
SdbFindFirstTagRef
SdbInitDatabase
SdbOpenDatabase
SdbReleaseDatabase
ApphelpShowDialog
ApphelpCheckShellObject
SdbReadWORDTagRef
SdbReadQWORDTag
SdbUnregisterDatabase
SdbResolveDatabase
SdbReadDWORDTagRef
SdbFindFirstMsiPackage
ApphelpGetNTVDMInfo
GetPermLayers
SdbFindFirstTag
ApphelpUpdateCacheEntry
SdbQueryDataEx
SdbFindNextTagRef
ApphelpCheckExe
ApphelpFreeFileAttributes
SdbGetDatabaseMatch
ApphelpFixMsiPackage
SdbGetTagDataSize
SdbReadWORDTag
ApphelpCheckRunApp

Sections

.text
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 478KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf09ddb1ce63c9650f879a3a477b4100

Headers

DLL Characteristics

File Characteristics

Imports

odbccu32

uxtheme

rasman

kernel32

gdi32

imm32

apphelp

Sections

.text Size: 208KB - Virtual size: 208KB

.rdata Size: 172KB - Virtual size: 172KB

.data Size: 478KB - Virtual size: 1.9MB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 208KB - Virtual size: 208KB

.rdata
Size: 172KB - Virtual size: 172KB

.data
Size: 478KB - Virtual size: 1.9MB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 1024B