63f5e0bc2a5bdd24730f719289ee8de1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

63f5e0bc2a5bdd24730f719289ee8de1_JaffaCakes118
Size

867KB
MD5

63f5e0bc2a5bdd24730f719289ee8de1
SHA1

4425ad26d77c15b2c2f778453793574d06ebee87
SHA256

f675ef8b4f93ace5c99efcdc76eb91f6b9c92702f35c222137f2503f71965c12
SHA512

7e6094c1b4ba687669dd11c82cd385c3350b7bce424d5914a9ede4537089ec9ab7541f450886d37dd8cff1b680632f5e1094286b89ed03f571e28a4f747bd0ad
SSDEEP

12288:qK287z+Azxs17NDqkBo25M+xmQs/D9GTRM9v2D5QUwnf9Kpmdn:p9KROkW4yRuC0I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63f5e0bc2a5bdd24730f719289ee8de1_JaffaCakes118

Files

63f5e0bc2a5bdd24730f719289ee8de1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9da8752062b281c02d6ebe463b914b57

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

inetcomm

MimeOleCreatePropertySet
MimeOleAlgNameFromSMimeCap
MimeOleGetFileExtension
MimeEditDocumentFromStream
MimeOleGetRelatedSection
MimeOleGetAllocator
MimeOleParseRfc822Address
MimeOleCreateMessageParts
MimeOleOpenFileStream
CreateNNTPTransport
MimeOleParseRfc822AddressW
CreateRangeList
EssReceiptRequestDecodeEx
MimeOleGenerateCID
MimeOleSetBodyPropW
MimeOleGetCodePageInfo
HrAthGetFileName
MimeEditGetBackgroundImageUrl
MimeOleCreateByteStream
MimeOleSMimeCapsFull
HrAthGetFileNameW
CreateSMTPTransport
MimeOleSetBodyPropA
HrSaveAttachToFile
MimeOleGetBodyPropA
HrGetLastOpenFileDirectoryW
EssSignCertificateEncodeEx
CreateIMAPTransport2
MimeGetAddressFormatW
EssKeyExchPreferenceDecodeEx
MimeOleConvertEnrichedToHTML
MimeEditViewSource
MimeOleGetPropA
DllGetClassObject

msorcl32

SQLColAttributes
SQLGetConnectOption
SQLNumResultCols
SQLAllocStmt
SQLError
SQLTables
SQLSetStmtOption
SQLPrepare
SQLProcedures
SQLCancel
SQLSetCursorName
SQLGetCursorName
SQLSetConnectOption
SQLConnect
SQLAllocConnect
SQLDescribeCol
SQLBindParameter
SQLFreeStmt
SQLGetInfo
DllMain
SQLSetScrollOptions
SQLMoreResults
SQLTransact
SQLBindCol
SQLRowCount
SQLGetData
SQLFreeEnv
ConfigDSN
SQLFetch
SQLBrowseConnect
SQLGetTypeInfo
SQLPutData
SQLAllocEnv
SQLExecDirect
SQLStatistics
SQLProcedureColumns
SQLParamData
SQLDisconnect
SQLSpecialColumns
SQLPrimaryKeys
LoadByOrdinal
SQLDescribeParam
SQLForeignKeys
SQLNumParams

dhcpsapi

DhcpSetClientInfo
DhcpScanMDatabase
DhcpEnumSubnetElementsV4
DhcpGetMCastMibInfo
DhcpAddServer
DhcpCreateOptionV5
DhcpSetOptionValuesV5
DhcpSetOptionInfoV5
DhcpGetThreadOptions
DhcpServerSetConfigV4
DhcpEnumOptionValues
DhcpRpcFreeMemory
DhcpEnumServers
DhcpGetClientInfo
DhcpGetSubnetInfo
DhcpGetAllOptionValues
DhcpRemoveMScopeElement
DhcpDeleteServer
DhcpDsCleanup
DhcpSetOptionValues
DhcpCreateClientInfoV4
DhcpSetOptionInfo
DhcpRemoveOptionValue
DhcpEnumSubnetElements
DhcpGetOptionInfo
DhcpGetAllOptions
DhcpEnumOptionsV5
DhcpSetClientInfoV4
DhcpAddSubnetElementV5
DhcpDeleteClientInfo
DhcpSetThreadOptions
DhcpSetServerBindingInfo

kernel32

OpenProcess
GetEnvironmentStringsA
CreateSemaphoreA
WriteConsoleInputA
SetHandleCount
EnumResourceLanguagesW
GetNumaAvailableMemoryNode
GetTempFileNameW
LoadResource
QueryDosDeviceA
IsDBCSLeadByteEx
AddAtomA
BaseInitAppcompatCacheSupport
OpenWaitableTimerA
LockFileEx
VirtualAlloc
SetLastError
GetQueuedCompletionStatus
BackupWrite
NlsGetCacheUpdateCount
DeleteTimerQueueEx
SwitchToThread
LZClose
CreateDirectoryW
GetUserDefaultUILanguage
GetConsoleInputExeNameW
FoldStringA
lstrcmpi
ResetEvent
RtlMoveMemory
WriteConsoleInputVDMA
LockResource
ResumeThread
WaitForSingleObject
GetPrivateProfileStringA
GetPrivateProfileSectionW
FillConsoleOutputCharacterA
ScrollConsoleScreenBufferW
ReplaceFile
GetPrivateProfileIntW
CancelIo
GetModuleHandleExA
SetConsoleFont
LZSeek
SetFilePointerEx
EnumSystemCodePagesW
IsValidLocale
ReadConsoleA
DeleteCriticalSection
GetProfileIntA
SetCalendarInfoW
FindNextVolumeMountPointA
GetCurrentThreadId
LZCreateFileW
TryEnterCriticalSection
OpenThread
lstrlenA
RtlCaptureStackBackTrace
AddAtomW
LZDone
SearchPathA
PulseEvent
EnumerateLocalComputerNamesW
GetSystemWow64DirectoryW
GetStringTypeW
LoadLibraryA
InterlockedPopEntrySList
OpenFile
PeekConsoleInputA
SetFileShortNameA
ReplaceFileA
GetOverlappedResult
WriteConsoleOutputCharacterW
GetConsoleAliasExesW
EnumSystemLanguageGroupsA
GetCurrentThread
IsBadCodePtr
FindNextFileW
WriteFileEx
GlobalAlloc
lstrcmpiW
GetStringTypeA
GetConsoleAliasesA
TransmitCommChar
GlobalFlags

dxtrans

?DXOverArrayMMX@@YGXPAVDXPMSAMPLE@@PBV1@K@Z
?DXDitherArray@@YGXPBUDXDITHERDESC@@@Z
DllEnumClassObjects
?DXOverArray@@YGXPAVDXPMSAMPLE@@PBV1@K@Z
?DXLinearInterpolateArray@@YGXPBVDXBASESAMPLE@@PAUDXLIMAPINFO@@PAV1@K@Z
?DXConstUnderArray@@YGXPAVDXPMSAMPLE@@ABV1@K@Z
?DXConstOverArray@@YGXPAVDXPMSAMPLE@@ABV1@K@Z
DllGetClassObject

dataclen

DllGetClassObject

Sections

.text
Size: 173KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 558KB - Virtual size: 560KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9da8752062b281c02d6ebe463b914b57

Headers

DLL Characteristics

File Characteristics

Imports

inetcomm

msorcl32

dhcpsapi

kernel32

dxtrans

dataclen

Sections

.text Size: 173KB - Virtual size: 176KB

.rdata Size: 558KB - Virtual size: 560KB

.data Size: 132KB - Virtual size: 1.6MB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 173KB - Virtual size: 176KB

.rdata
Size: 558KB - Virtual size: 560KB

.data
Size: 132KB - Virtual size: 1.6MB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB