388084eec894fef4d66c3f292aee9084_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

388084eec894fef4d66c3f292aee9084_JaffaCakes118
Size

871KB
MD5

388084eec894fef4d66c3f292aee9084
SHA1

7c316a004335bf1228a30da7b7960e62c486adca
SHA256

97db02febabda85da6ab8da667d87bb08e4b1f027cbad11d3782de490a4de121
SHA512

98466c30a2b578289ba72f61987db86ad8683bf22bdbf822d8db00cf541fde5080f9da732650fd979f8be4e731f5cd7341ed91fdc3aa506dd6d9fa9d6cd14f7f
SSDEEP

12288:6cQXS7vfFoZEcphKf0KfL2qPekJj+R/C/vYjlydMWMGkAAsn/7PYcMs2ORIbe5Zb:PQXEXeycfqXi+ekAlY/7PYcMskbFu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
388084eec894fef4d66c3f292aee9084_JaffaCakes118

Files

388084eec894fef4d66c3f292aee9084_JaffaCakes118
.exe windows:5 windows x86 arch:x86

59a1d87e66d016cca5337c05b3ee6f70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt40

_setmbcp
_beginthreadex
wcscspn
_ismbcupper
??0istrstream@@QAE@PADH@Z
??0ostrstream@@QAE@XZ
?lock@ios@@QAAXXZ
_wfindnexti64
_mbsnbicoll
_snprintf
??0istream_withassign@@QAE@ABV0@@Z
??0istrstream@@QAE@PAD@Z
puts
__p__pwctype
_wcsset
??1ios@@UAE@XZ
__wgetmainargs
fgetc
iswalpha
?width@ios@@QBEHXZ
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
strtok
??_7istream@@6B@
??0strstreambuf@@QAE@XZ
??_Efstream@@UAEPAXI@Z
mbstowcs
_mbctohira
wcscpy
??0stdiobuf@@QAE@PAU_iobuf@@@Z
_adj_fdiv_m32
?gbump@streambuf@@IAEXH@Z

kernel32

SetCommMask
QueryDosDeviceA
SetCommConfig
CreateHardLinkA
DeleteCriticalSection
CommConfigDialogA
LoadLibraryA
GlobalReAlloc
GetConsoleCommandHistoryLengthW
SetLastError
InterlockedIncrement
RemoveLocalAlternateComputerNameA
VirtualAlloc
GlobalAddAtomW
SetComputerNameW
AddAtomA
LCMapStringW
LeaveCriticalSection
EnumCalendarInfoA
IsValidLocale
CreateFileMappingA
ReadConsoleInputExA
SetFileShortNameA
OpenProcess
SetErrorMode
OpenSemaphoreA
GetSystemWindowsDirectoryA
SetConsoleNumberOfCommandsA
GetFirmwareEnvironmentVariableA
VerifyVersionInfoW
CreateActCtxA
DeactivateActCtx
SetUserGeoID
CreatePipe
EnterCriticalSection
EscapeCommFunction
GetFileType
ReplaceFileA
GetProcessVersion
VirtualProtectEx
UpdateResourceA
AddRefActCtx
ClearCommBreak
NlsGetCacheUpdateCount
CreateDirectoryExA
FindResourceExW
ReplaceFileW
QueryDepthSList
EnumerateLocalComputerNamesA

odbc32

ODBCGetTryWaitValue
PostComponentError
CursorLibLockDbc
SQLPrimaryKeysA
SQLAllocHandleStd
SQLDescribeParam
SQLGetInfoW
SQLSetDescFieldA
SQLExtendedFetch
SQLDriverConnectW
SQLTablePrivileges
SQLProcedures
SQLNumParams
SQLPrimaryKeysW
CursorLibTransact
SQLTables
SQLGetDiagRec
SQLForeignKeysW
SQLRowCount
CursorLibLockDesc
SQLProcedureColumnsW
SQLColAttributesW
SQLColAttributesA
SQLGetDescRecW
SQLAllocStmt
SQLGetDescFieldW
SQLGetDiagRecW
SQLGetCursorNameW
SQLGetStmtAttr
SQLFreeConnect
SQLGetConnectOptionW
SQLStatistics
SQLConnectW
SQLPrepare
SQLBindCol
SQLGetConnectOptionA
SQLAllocHandle
SQLEndTran
SQLGetStmtAttrA
SQLPrimaryKeys
SQLNumResultCols

msvcp60

?_Doraise@underflow_error@std@@MBEXXZ
?max@?$numeric_limits@O@std@@SAOXZ
?sinh@std@@YA?AV?$complex@O@1@ABV21@@Z
_LDenorm
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
?do_out@?$codecvt@DDH@std@@MBEHAAHPBD1AAPBDPAD3AAPAD@Z
?_Init@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXXZ
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z
?_Getcat@?$moneypunct@D$0A@@std@@SAIXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXF@Z
?denorm_min@?$numeric_limits@G@std@@SAGXZ
?do_toupper@?$ctype@G@std@@MBEPBGPAGPBG@Z
??_7?$basic_filebuf@DU?$char_traits@D@std@@@std@@6B@
??Gstd@@YA?AV?$complex@N@0@ABV10@ABN@Z
??0codecvt_base@std@@QAE@I@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?assign@?$char_traits@G@std@@SAPAGPAGIABG@Z
?sbumpc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
??0ios_base@std@@QAE@ABV01@@Z
??_F?$moneypunct@G$0A@@std@@QAEXXZ
?signaling_NaN@?$numeric_limits@M@std@@SAMXZ
??Z?$_Complex_base@N@std@@QAEAAV01@ABN@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@ABV01@@Z
?hash@?$collate@D@std@@QBEJPBD0@Z
?precision@ios_base@std@@QAEHH@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??1length_error@std@@UAE@XZ
?in_avail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEHXZ
?epsilon@?$numeric_limits@K@std@@SAKXZ
?id@?$numpunct@D@std@@2V0locale@2@A
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@UAE@XZ

d3d8thk

OsThunkD3dContextDestroyAll
OsThunkDdAlphaBlt
OsThunkDdReleaseDC
OsThunkDdCreateSurface
OsThunkDdGetFlipStatus
OsThunkDdCanCreateSurface
OsThunkDdFlipToGDISurface
OsThunkD3dDrawPrimitives2
OsThunkDdWaitForVerticalBlank
OsThunkDdUnattachSurface
OsThunkDdCanCreateD3DBuffer
OsThunkDdCreateSurfaceObject
OsThunkDdGetAvailDriverMemory
OsThunkDdResetVisrgn
OsThunkDdSetGammaRamp
OsThunkDdBeginMoCompFrame
OsThunkDdCreateSurfaceEx
OsThunkDdDeleteDirectDrawObject
OsThunkDdAddAttachedSurface
OsThunkDdRenderMoComp
OsThunkDdEndMoCompFrame
OsThunkD3dContextDestroy
OsThunkDdReenableDirectDrawObject
OsThunkDdLock
OsThunkDdQueryMoCompStatus
OsThunkDdColorControl
OsThunkDdGetScanLine
OsThunkDdAttachSurface
OsThunkDdSetColorKey
OsThunkDdSetOverlayPosition
OsThunkDdQueryDirectDrawObject
OsThunkDdGetBltStatus
OsThunkDdLockD3D
OsThunkDdBlt
OsThunkD3dContextCreate
OsThunkDdFlip
OsThunkDdCreateDirectDrawObject
OsThunkDdUnlockD3D
OsThunkDdCreateMoComp
OsThunkDdGetDriverState
OsThunkDdDestroyD3DBuffer
OsThunkDdDeleteSurfaceObject

iaspolcy

DllGetClassObject

msvcrt

exit

Sections

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 426KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

59a1d87e66d016cca5337c05b3ee6f70

Headers

File Characteristics

Imports

msvcrt40

kernel32

odbc32

msvcp60

d3d8thk

iaspolcy

msvcrt

Sections

.text Size: 131KB - Virtual size: 130KB

.rdata Size: 301KB - Virtual size: 300KB

.data Size: 426KB - Virtual size: 1.9MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 131KB - Virtual size: 130KB

.rdata
Size: 301KB - Virtual size: 300KB

.data
Size: 426KB - Virtual size: 1.9MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 10KB