3b299aff6da195d0ee337f42f9bdbebe_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3b299aff6da195d0ee337f42f9bdbebe_JaffaCakes118
Size

387KB
MD5

3b299aff6da195d0ee337f42f9bdbebe
SHA1

639e7d1125aaf6c1bb421aa6ffdba7d24eb86ca2
SHA256

ee39d183313c5f889b830b8ca77febbbf6986090ee21e4d8f457030a0e737c8a
SHA512

a410bf150902d6199d9f8b94c744b9a933ae451e448547a44291184b48e0e697123561780af4170827ca5cd6c2b6b33c1e4f2a56f0ab32f453c33fe14c3f8a28
SSDEEP

12288:7R6S15cdkN/U5onLa/0spyxIuZvU6XWDZAdvFh:8S/Ca/mo+/0ssIgm9AP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b299aff6da195d0ee337f42f9bdbebe_JaffaCakes118

Files

3b299aff6da195d0ee337f42f9bdbebe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d566634a7aebc468ec77af52b9edeb53

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetConversionListW
ImmDisableIme
ImmGetHotKey
ImmAssociateContextEx
ImmUnlockImeDpi
ImmLockClientImc
ImmSetCompositionStringA
ImmGetConversionStatus
ImmCreateSoftKeyboard
ImmRegisterWordA
ImmSetActiveContext
ImmLoadIME
ImmSetCompositionStringW
ImmReleaseContext
ImmPutImeMenuItemsIntoMappedFile
ImmGetContext
ImmGetDefaultIMEWnd
ImmSendIMEMessageExW
ImmUnregisterWordW
ImmGetIMCCLockCount
ImmGetRegisterWordStyleW
ImmGenerateMessage
ImmConfigureIMEA
ImmShowSoftKeyboard
ImmGetCandidateListCountW
ImmSetStatusWindowPos
ImmGetRegisterWordStyleA
ImmSendIMEMessageExA
ImmGetCompositionStringA
ImmGetDescriptionW
ImmDestroyContext
ImmIsUIMessageW
ImmUnlockIMC
ImmGetIMEFileNameA
ImmLockImeDpi
ImmGetCandidateListCountA
ImmGetImeInfoEx
ImmGetIMCCSize

kernel32

ReleaseSemaphore
IsDBCSLeadByte
LocalAlloc
FindFirstVolumeA
GetCalendarInfoA
GetExitCodeThread
GetTimeFormatW
CompareStringA
FillConsoleOutputCharacterW
SetThreadPriority
GetLocaleInfoW
GetFirmwareEnvironmentVariableW
WriteConsoleInputA
RtlMoveMemory
HeapReAlloc
GetCurrentActCtx
SwitchToFiber
GetDriveTypeW
ReadFileScatter
MoveFileExW
DosDateTimeToFileTime
SetFileApisToANSI
GetSystemWow64DirectoryA
SetConsoleLocalEUDC
GlobalHandle
GetOverlappedResult
GetFullPathNameA
Heap32First
LoadLibraryA
SetConsoleMaximumWindowSize
GetSystemTimeAsFileTime
ReadConsoleOutputCharacterA
EnumSystemLocalesA
CopyFileExW
GetFullPathNameW
GetProcessWorkingSetSize
WriteProfileSectionW
GetProcessPriorityBoost
VirtualQuery
HeapSize
GetVolumePathNamesForVolumeNameW
GlobalFix
HeapCreate
FindFirstChangeNotificationW
FindNextChangeNotification
GlobalFindAtomA
GetPrivateProfileSectionNamesA
VirtualAlloc

odbc32

SQLGetDescRecA
SQLGetDiagRecW
ODBCInternalConnectW
SQLDescribeColW
SQLDataSources
GetODBCSharedData
SQLDriverConnectA
SQLConnectA
SQLAllocStmt
SQLPrimaryKeys
SQLGetDiagRecA
SQLPrimaryKeysW
SQLStatistics
SQLSetStmtOption
SQLAllocHandleStd
SQLGetTypeInfo
SQLGetStmtOption
SQLColAttributesW
SQLGetCursorName
SQLPrepareA
LockHandle
SQLProcedureColumnsA
SQLStatisticsA
SQLSetConnectAttr
SQLExecute
ODBCSetTryWaitValue
SQLGetConnectAttrA
SQLSpecialColumnsW
SQLError
SQLConnectW
SQLProcedureColumns
SQLSpecialColumns
SQLDescribeParam
SQLGetDiagFieldW
SQLBrowseConnectA
SQLDrivers
SQLForeignKeysA
SQLForeignKeys
SQLDataSourcesW
SQLTablesW
SQLGetDescRec
SQLGetDiagFieldA
SQLGetDescRecW

mapi32

WrapStoreEntryID@24
EnableIdleRoutine@8
MNLS_CompareStringW@24
FtMulDw@12
FBadPropTag@4
MAPIDeinitIdle@0
MAPIDetails
FBadEntryList@4
BMAPIDetails
BMAPISaveMail
LaunchWizard@20
UNKOBJ_ScCOReallocate@12
FreePadrlist@4
HrIStorageFromStream@16
MAPILogonEx
MAPIReadMail
FEqualNames@8
DeregisterIdleRoutine@4
FtgRegisterIdleRoutine@20
MAPIUninitialize
FBadRestriction@4
GetAttribIMsgOnIStg@12
ScUNCFromLocalPath@12
HrValidateIPMSubtree@20
MNLS_IsBadStringPtrW@8
__CPPValidateParameters@8
BMAPIGetAddress
FDecodeID@12
FPropExists@8
HrDecomposeMsgID@24
DllGetClassObject
ScGenerateMuid@4
cmc_logoff
UNKOBJ_Free@8
MAPIFreeBuffer
MNLS_WideCharToMultiByte@32
FreeProws@4
FBadRowSet@4

opengl32

glGetTexGenfv
glMultMatrixf
glShadeModel
glTexCoord4sv
glEvalCoord2f
wglSetLayerPaletteEntries
glPopName
glTexCoord3s
glTranslatef
glLoadIdentity
glIndexdv
glArrayElement
glMatrixMode
glViewport
glTexCoord2fv
glTexCoord3dv
glStencilOp
glAccum
wglUseFontOutlinesW
glTexGendv
glTexCoord1f
glFogiv
glGetMaterialfv
glTexCoord3iv
glTexSubImage1D
glReadBuffer
glRectdv
GlmfEndGlsBlock
glIndexubv
glColor3uiv
glRasterPos3s
glVertex4s
glVertex3i
glClearStencil
glTexCoord4f
glVertex4sv
glNormal3s
glTexParameterf

qdvd

DllGetClassObject

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 507KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d566634a7aebc468ec77af52b9edeb53

Headers

DLL Characteristics

File Characteristics

Imports

imm32

kernel32

odbc32

mapi32

opengl32

qdvd

Sections

.text Size: 156KB - Virtual size: 156KB

.rdata Size: 128KB - Virtual size: 128KB

.data Size: 1KB - Virtual size: 507KB

.rsrc Size: 100KB - Virtual size: 100KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 156KB - Virtual size: 156KB

.rdata
Size: 128KB - Virtual size: 128KB

.data
Size: 1KB - Virtual size: 507KB

.rsrc
Size: 100KB - Virtual size: 100KB

.reloc
Size: 1024B - Virtual size: 1024B