5b51200f7c61a9dfd4bc1e1ac9b7c842_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b51200f7c61a9dfd4bc1e1ac9b7c842_JaffaCakes118
Size

863KB
MD5

5b51200f7c61a9dfd4bc1e1ac9b7c842
SHA1

76ea9befe6f8cc5b03e4b278d41e16efc24f31db
SHA256

7daa8cb3b48e30caff67fff5eb30082887c6f440ee3ba30774de0e63727e594e
SHA512

03e2a94829bdde91ca4f95690e0667db95dd10093492352d299dfec107ce0cd66a4b8cc8f37b8e14ff1da330978376865afd2116ddd559e09bdf16485e24bc91
SSDEEP

24576:2CHxaNAyXV5/0nE2YhbK0GPNAx9BLR5P3hfXBb:TRM3rF2PNAx9BLPPRJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b51200f7c61a9dfd4bc1e1ac9b7c842_JaffaCakes118

Files

5b51200f7c61a9dfd4bc1e1ac9b7c842_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f8d3bfa122d3dbcd1f77cf5460ff6c26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GdiEntry4
EnumFontFamiliesA
SetWindowExtEx
EngUnicodeToMultiByteN
AddFontResourceExW
SetICMProfileW
CheckColorsInGamut
EngQueryLocalTime
OffsetClipRgn
bInitSystemAndFontsDirectoriesW
CreateHalftonePalette
GdiConvertDC
GetPath
ExtCreatePen
CloseMetaFile
DdEntry14
HT_Get8BPPMaskPalette
GetKerningPairsW
UpdateICMRegKeyW
GetBrushAttributes
GdiFixUpHandle
EndPath
SetColorSpace
SetEnhMetaFileBits
SetVirtualResolution
GetSystemPaletteEntries
DeviceCapabilitiesExA
SetICMProfileA
EngMarkBandingSurface
GetEnhMetaFilePixelFormat
EnumFontFamiliesW
GetGlyphOutlineWow
GdiEntry11
FONTOBJ_cGetAllGlyphHandles

kernel32

ReadDirectoryChangesW
GetThreadTimes
SetTapePosition
FindVolumeMountPointClose
LockFile
FindResourceExW
HeapDestroy
RemoveDirectoryA
GetDriveTypeW
OpenSemaphoreW
GetNamedPipeInfo
GetOEMCP
ContinueDebugEvent
GetUserGeoID
DeleteAtom
WriteProfileStringA
GetThreadPriorityBoost
GetConsoleTitleW
IsValidLanguageGroup
SetConsoleWindowInfo
FileTimeToLocalFileTime
FatalAppExitW
CreateTimerQueueTimer
SetThreadUILanguage
GetLastError
GetStartupInfoA
SetEndOfFile
GetStartupInfoW
BuildCommDCBAndTimeoutsA
lstrcmpW
UnregisterWaitEx
GetFileAttributesExA
ReadFileScatter
GetBinaryType
LoadLibraryA
IsValidCodePage
CreateWaitableTimerW
SetConsoleCP
CancelDeviceWakeupRequest
GetCompressedFileSizeW
GetEnvironmentStringsW
VirtualAlloc
HeapSize
SetNamedPipeHandleState
CompareFileTime
WriteConsoleOutputW

msvcrt40

?getline@istream@@QAEAAV1@PAEHD@Z
?fail@ios@@QBEHXZ
_wcmdln
??_Difstream@@QAEXXZ
_adj_fdiv_m16i
?sbumpc@streambuf@@QAEHXZ
??_Gistream@@UAEPAXI@Z
?gptr@streambuf@@IBEPADXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
time
vfwprintf
_findfirst
??0filebuf@@QAE@XZ
wcsspn
_CIatan2
_wsopen
??_Glogic_error@@UAEPAXI@Z
bsearch
??4istream_withassign@@QAEAAVistream@@ABV1@@Z
??6ostream@@QAEAAV0@PBE@Z
?dec@@YAAAVios@@AAV1@@Z
_mbsnset
??0istream_withassign@@QAE@PAVstreambuf@@@Z
_rmdir
iswlower
??0strstream@@QAE@ABV0@@Z
?xsputn@streambuf@@UAEHPBDH@Z
?gcount@istream@@QBEHXZ
ldexp
strchr
frexp
mblen
fclose
_setmode
_initterm
??_Gistrstream@@UAEPAXI@Z
_msize
__p___winitenv
?basefield@ios@@2JB
strspn
__p__dstbias
??0filebuf@@QAE@H@Z
?adjustfield@ios@@2JB
_write
?cerr@@3Vostream_withassign@@A
??1ostream_withassign@@UAE@XZ
?get@istream@@QAEHXZ
_fcvt
?str@istrstream@@QAEPADXZ
??_7stdiobuf@@6B@
??4fstream@@QAEAAV0@AAV0@@Z
_wexeclp
_wsystem
?seekpos@streambuf@@UAEJJH@Z
?blen@streambuf@@IBEHXZ
?clrlock@ios@@QAAXXZ
??0ostream_withassign@@QAE@ABV0@@Z
??Bios@@QBEPAXXZ
??0iostream@@QAE@PAVstreambuf@@@Z
towlower
??_7strstream@@6B@
??4istream_withassign@@QAEAAV0@ABV0@@Z

iphlpapi

GetPerAdapterInfo
InternalSetIfEntry
GetFriendlyIfIndex
Icmp6CreateFile
do_echo_req
InternalCreateIpForwardEntry
GetIpStatisticsEx
SetIfEntry
GetAdapterOrderMap
InternalGetIpNetTable
FlushIpNetTable
_PfAddFiltersToInterface@24
NotifyAddrChange
IcmpCloseHandle
GetAdapterIndex
InternalGetTcpTable
InternalSetIpStats
IpReleaseAddress
NhpAllocateAndGetInterfaceInfoFromStack
AllocateAndGetIpAddrTableFromStack
_PfRemoveFilterHandles@12
GetInterfaceInfo
GetIfEntry
IcmpParseReplies
_PfGetInterfaceStatistics@16
GetIpForwardTable
do_echo_rep
InternalGetIfTable
NotifyRouteChange
_PfTestPacket@20
IpRenewAddress
InternalGetIpForwardTable
_PfDeleteLog@0
GetIpNetTable
_PfCreateInterface@24
_PfSetLogBuffer@28
GetUdpStatistics
DeleteIPAddress
RestoreMediaSense
InternalDeleteIpForwardEntry
_PfBindInterfaceToIndex@16

odbc32

PostODBCComponentError
SQLCopyDesc
SQLBrowseConnectA
SQLGetData
SQLCancel
PostODBCError
ODBCGetTryWaitValue
ODBCQualifyFileDSNW
SQLPrimaryKeys
SQLTablesA
SQLGetDescRecA
SQLTablePrivilegesA
SQLAllocConnect
SQLForeignKeysA
SQLGetInfoA
SQLSetDescFieldA
SQLDriverConnectW
SQLParamData
SQLGetEnvAttr
SQLNativeSql
SQLProcedureColumnsA
SQLBulkOperations
ValidateErrorQueue
SQLExtendedFetch
SQLGetTypeInfoW
CollectODBCPerfData
SQLGetTypeInfoA
SQLColAttributeW
SQLConnectA
SQLError
SQLForeignKeysW
SQLTablePrivileges

rasadhlp

WSAttemptAutodialName
AcsHlpNbConnection
WSNoteSuccessfulHostentLookup
WSAttemptAutodialAddr

Sections

.tixt
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 329KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8d3bfa122d3dbcd1f77cf5460ff6c26

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

msvcrt40

iphlpapi

odbc32

rasadhlp

Sections

.tixt Size: 350KB - Virtual size: 350KB

.rdata Size: 179KB - Virtual size: 179KB

.data Size: 329KB - Virtual size: 1.8MB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 1024B

.tixt
Size: 350KB - Virtual size: 350KB

.rdata
Size: 179KB - Virtual size: 179KB

.data
Size: 329KB - Virtual size: 1.8MB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 1024B