71d0e5e1b24bffaea002f702cbdc7371_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71d0e5e1b24bffaea002f702cbdc7371_JaffaCakes118
Size

134KB
MD5

71d0e5e1b24bffaea002f702cbdc7371
SHA1

24d75597a2222af9a53e693b15e36a2669153a30
SHA256

9009a3c71a6041a89a47a8473682c6872c15dc63887574e93374649d2b9ad956
SHA512

a1d642828b00ac03a7da958dadbe0e07ffd9fd891cd325034b457e6155d89c2d5a2db3ece9ba284a7a64c840a9b2d418cc955d122476085f77d762e33872370b
SSDEEP

3072:v2wb3Zpjn2J1hyacB0SgadthPSBvGxv91:u7ed0GxSNGx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71d0e5e1b24bffaea002f702cbdc7371_JaffaCakes118

Files

71d0e5e1b24bffaea002f702cbdc7371_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4113566d8df065f87202255a3fa84a69

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rastapi

PortSetFraming
PortSetInfo
PortSend
SetCommSettings
RastapiSetCalledID
AddPorts
DeviceListen
PortConnect
PortGetInfo
PortDisconnect
DeviceWork
RastapiGetCalledID
GetZeroDeviceInfo
PortGetPortState
DeviceGetDevConfig
PortCompressionSetInfo
PortGetIOHandle
PortSetIoCompletionPort
DeviceGetDevConfigEx
PortClearStatistics
PortEnum

certcli

CAEnumFirstCA
CACloseCA
CACloseCertType
CASetCAProperty
CACreateLocalAutoEnrollmentObject
CASetCAFlags
CAFreeCertTypeExtensions
CARemoveCACertificateType
CADeleteCA
CASetCAExpiration
CAGetCASecurity
CAOIDFreeProperty
CASetCertTypeFlags
CAGetCertTypePropertyEx
CAInstallDefaultCertType
CAEnumNextCertType
CADeleteCertType
CAEnumNextCA
CAGetCAExpiration
CAOIDFreeLdapURL
CAGetCertTypeProperty

msvcrt

__isascii
__threadid
strtok
_fgetchar
tanh
__p___wargv
wcstoul
_CIasin
_wmkdir
__pioinfo
getwchar
??1exception@@UAE@XZ
_mbscoll
strlen
memcmp
asin
_wmakepath
_fcloseall
_local_unwind2
_setjmp
_setmbcp
__iscsymf
_wsystem

sqlsrv32

SQLFreeStmt
SQLGetConnectAttrW
SQLParamOptions
SQLTablesW
SQLPutData
SQLSetConnectOptionW
ConfigDriverW
SQLNativeSqlW
SQLSetConnectAttrW
LibMain
SQLCancel
BCP_getcolfmt
SQLSetEnvAttr
SQLRowCount
SQLColAttributeW
TestDlgProc
SQLGetData
SQLProceduresW
SQLSpecialColumnsW
WizLanguageDlgProc
BCP_moretext

kernel32

WriteProfileStringW
GlobalFindAtomA
GetFileType
LoadLibraryA
HeapDestroy
GetWindowsDirectoryA
GlobalFix
AddAtomW
DeactivateActCtx
CancelWaitableTimer
VirtualFreeEx
WriteTapemark
GetLargestConsoleWindowSize
GetExitCodeThread
GetACP
VirtualAlloc
GetThreadSelectorEntry
GlobalUnWire
GetLastError
Module32First
MoveFileWithProgressA
IsBadHugeWritePtr
WriteProfileSectionA
WriteConsoleOutputCharacterA
FreeUserPhysicalPages
GetDriveTypeW
SetConsoleIcon
OpenWaitableTimerW
GetEnvironmentStringsA

user32

EndDialog

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 61KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4113566d8df065f87202255a3fa84a69

Headers

DLL Characteristics

File Characteristics

Imports

rastapi

certcli

msvcrt

sqlsrv32

kernel32

user32

Sections

.text Size: 30KB - Virtual size: 30KB

.xdata Size: 39KB - Virtual size: 39KB

.idata Size: 61KB - Virtual size: 234KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 312B

.text
Size: 30KB - Virtual size: 30KB

.xdata
Size: 39KB - Virtual size: 39KB

.idata
Size: 61KB - Virtual size: 234KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 312B