6a8a1f518f623f13f43dfe77082dec02_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6a8a1f518f623f13f43dfe77082dec02_JaffaCakes118
Size

846KB
MD5

6a8a1f518f623f13f43dfe77082dec02
SHA1

05021fe41d67a24bcaf299cc031218b9b3ca306d
SHA256

0333cedcd18e5efd16c5a35094a5ed66185fce12d0415d877820d974c4369ca9
SHA512

0c0699597e1f161675a2474e4e2ed81832bc35230bcd8f65a70403e8765e8e51e8ed44cdb712ead8a7d5ff1a17d979508f7d341c550f3910e169e2cce6cbe06c
SSDEEP

12288:mXJBBrTapbUaxWtnmUL3ipdC776m68ODzS6S/igsP+RuWycQC:e3Y3Wt7L3mC48ODzJSKg2jqF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a8a1f518f623f13f43dfe77082dec02_JaffaCakes118

Files

6a8a1f518f623f13f43dfe77082dec02_JaffaCakes118
.exe windows:5 windows x86 arch:x86

918540dca34a01e74bc7821a3d02eb1a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

sqlunirl

_ExtractIconEx_@20
_EnumFonts_@16
_OpenMutex_@12
_CallWindowProc@20
_CharLowerBuff_@8
AllocConvertMultiSZNameToA
_RegisterClipboardFormat_@4
_CharNext_@4
_EnumDependentServices_@24
_RegisterServiceCtrlHandler_@8
_trename
_DefineDosDevice_@12
_IsCharLower_@4
_GetClassInfoEx_@12
_ShellExecuteEx_@4
_IsDialogMessage@8
_GetKeyNameText_@12
_CompareString_@24
_AddAtom_@4
_RegDeleteKey_@8
_GetTabbedTextExtent_@20
_DlgDirSelectComboBoxEx_@16
_WritePrivateProfileStruct_@20

clbcatq

CoRegCleanup
GetComputerObject
SetupOpen
CreateComponentLibraryEx
ServerGetApplicationType
OpenComponentLibraryOnStreamEx
ComPlusMigrate
SetupSave
GetCatalogObject2
SetSetupOpen
SetSetupSave
DeleteAllActivatorsForClsid
DowngradeAPL
ActivatorUpdateForIsRouterChanges
InprocServer32FromString
GetCatalogObject
CheckMemoryGates
CLSIDFromStringByBitness
UpdateFromComponentChange
GetSimpleTableDispenser

msvcirt

??4logic_error@@QAEAAV0@ABV0@@Z
??0strstreambuf@@QAE@PAEH0@Z
?attach@fstream@@QAEXH@Z
?dec@@YAAAVios@@AAV1@@Z
??0stdiostream@@QAE@PAU_iobuf@@@Z
?sputc@streambuf@@QAEHH@Z
?writepad@ostream@@AAEAAV1@PBD0@Z
?pword@ios@@QBEAAPAXH@Z
??0fstream@@QAE@HPADH@Z
??_Estdiobuf@@UAEPAXI@Z
?pbackfail@streambuf@@UAEHH@Z
?fd@ofstream@@QBEHXZ
?clrlock@ios@@QAAXXZ
??0ostream@@QAE@PAVstreambuf@@@Z
?doallocate@streambuf@@MAEHXZ
??_Estdiostream@@UAEPAXI@Z
?endl@@YAAAVostream@@AAV1@@Z
??0Iostream_init@@QAE@XZ
??_7strstream@@6B@
??0istream@@IAE@XZ

ntdll

ZwSetLowEventPair
ZwCreatePagingFile
RtlAbortRXact
ZwSetInformationObject
RtlUnhandledExceptionFilter2
NtSetSystemEnvironmentValue
ZwLockProductActivationKeys
NtSetQuotaInformationFile
ZwWaitHighEventPair
isprint
NtAccessCheckByTypeResultListAndAuditAlarmByHandle
ZwPlugPlayControl
NtUnloadKey
RtlInitializeContext
ZwReleaseKeyedEvent
ZwEnumerateKey
ZwListenPort
_ultow
NtReplyWaitReceivePortEx
ZwSetSystemEnvironmentValueEx
RtlLargeIntegerNegate
RtlDestroyQueryDebugBuffer
ZwQueryIntervalProfile
RtlDestroyEnvironment

kernel32

ConvertFiberToThread
SetThreadExecutionState
OpenThread
GetUserDefaultUILanguage
WaitNamedPipeA
BeginUpdateResourceW
lstrcatW
FindVolumeClose
SetComputerNameW
GetEnvironmentStringsW
LoadLibraryA
GlobalHandle
SetConsoleActiveScreenBuffer
SetFileTime
DeleteFileA
CompareFileTime
FileTimeToDosDateTime
WriteConsoleOutputA
UnmapViewOfFile
FindAtomW
FindNextChangeNotification
GetProfileIntA
QueryInformationJobObject
SetConsoleCtrlHandler
SetConsoleKeyShortcuts
VirtualAlloc

Sections

.text
Size: 730KB - Virtual size: 730KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

918540dca34a01e74bc7821a3d02eb1a

Headers

DLL Characteristics

File Characteristics

Imports

sqlunirl

clbcatq

msvcirt

ntdll

kernel32

Sections

.text Size: 730KB - Virtual size: 730KB

.rdata Size: 107KB - Virtual size: 107KB

.data Size: 5KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 1012B

.text
Size: 730KB - Virtual size: 730KB

.rdata
Size: 107KB - Virtual size: 107KB

.data
Size: 5KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 1012B