Static task
static1
Behavioral task
behavioral1
Sample
721c0b8e2e814555946f92ab7ce738a5_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
721c0b8e2e814555946f92ab7ce738a5_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
721c0b8e2e814555946f92ab7ce738a5_JaffaCakes118
Size
380KB
MD5
721c0b8e2e814555946f92ab7ce738a5
SHA1
23bb22c9a7aa7e15e252f98833453b7922d7858f
SHA256
c529f34ba96f79757569f8d0ada3c0c200d7174f45a6ee6747111673d9bebf5e
SHA512
9b7e55f9bf432c5c6f8015ecc7e7fe11626ac0c4ced40e9cd6e144a3e214b63e32cce98da97c58006a46311be26f212b27197caaa65bf69a36e2146a0c8f5f74
SSDEEP
6144:L/bcKq1indB0SPawfqhBInMJ899HY6ACPIVoBBlGc1K/+SvvuKqBU2bs+/pBdChb:L4N1i0SPl0sYkPISBBVSviUmdM2qxw/s
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 721c0b8e2e814555946f92ab7ce738a5_JaffaCakes118
Files
721c0b8e2e814555946f92ab7ce738a5_JaffaCakes118.exe windows:5 windows x86 arch:x86
87e16cd38ab5651bd36ed477d5a6a2bd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
GetLastError
lstrlenW
GetCurrentDirectoryA
CloseHandle
SwitchToThread
WaitForSingleObject
SetEvent
CreateEventW
ResumeThread
GetProcAddress
RaiseException
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
TlsFree
LoadLibraryW
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
SetThreadLocale
GetThreadLocale
GetSystemDefaultLCID
lstrcmpiW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
GetSystemTimeAsFileTime
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
GetCurrentThreadId
OutputDebugStringW
FreeLibrary
SetCurrentDirectoryW
GetModuleFileNameW
GetCurrentDirectoryW
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
user32
CharNextW
UnregisterClassA
advapi32
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExW
rpcrt4
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
NdrOleFree
NdrOleAllocate
IUnknown_Release_Proxy
CStdStubBuffer_Connect
IUnknown_QueryInterface_Proxy
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
IUnknown_AddRef_Proxy
ole32
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
odbc32
SQLFreeConnect
Sections
.text Size: 267KB - Virtual size: 267KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.init Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 103KB - Virtual size: 437KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ