aa712dac95426994a5a93665ba97a8c3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aa712dac95426994a5a93665ba97a8c3_JaffaCakes118
Size

644KB
MD5

aa712dac95426994a5a93665ba97a8c3
SHA1

86d1bb5aad09e0757faeef348e816e249c7368e1
SHA256

9042e961e4b1b5ae45e9decac13730b07608ceb1dc0d3fdb6f47130a193e8b3b
SHA512

2a17cfa915f77a2ce48a6a6adb28c6bed22a9cf75265c85aa70210cd96b56eb80470d106558445fc9db1992a905a548e831df2dca21ff867fda9a35dc353f4eb
SSDEEP

12288:HnVcU1cXj/7npYJY/iOsS9Saft+PrUq0mSm4+kzT3aifcwIuxod9lYw4:HVcXj/7pAiBwkv3/k/ux6fY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa712dac95426994a5a93665ba97a8c3_JaffaCakes118

Files

aa712dac95426994a5a93665ba97a8c3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

abf73d48d8d139a9bbf5dbb2c8301ec5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

query

??0CDbSelectNode@@QAE@XZ
??0CPerfMon@@QAE@PBG@Z
??0CMetaDataMgr@@QAE@HW4CiVRootTypeEnum@@KPBG@Z
?ParseCatalogURL@@YGJPBGAAV?$XPtrST@G@@1@Z
??1CEventLog@@QAE@XZ
?NotifyWriteRead@CRequestClient@@QAEHPAX0K0KAAK@Z
?QueryVirtualScopeList@CiStorage@@QAEPAVPRcovStorageObj@@K@Z
??0CMmStream@@QAE@KH@Z
?SetPhrase@CContentRestriction@@QAEXPBG@Z
CIBuildQueryTree
??0CDbContentRestriction@@QAE@PBGABUtagDBID@@KK@Z
?AppendListElement@CDbListAnchor@@IAEHPAVCDbCmdTreeNode@@@Z
??1CParseCommandTree@@QAE@XZ
?SkipChar@CMemDeSerStream@@UAEXK@Z

comdlg32

GetFileTitleA
ReplaceTextW
dwLBSubclass
dwOKSubclass
Ssync_ANSI_UNICODE_Struct_For_WOW
ChooseColorW
ReplaceTextA
PrintDlgExA
GetOpenFileNameA
PageSetupDlgW
WantArrows
PrintDlgA

sqlunirl

_IsDialogMessage@8
_GetDlgItemText@16
_RegConnectRegistry_@12
newMultiByteFromWideCharSize
_ReportEvent_@36
_RegQueryValue_@16
_FindWindow_@8
_RegEnumKey_@16
_SHGetFileInfo_@20
_OpenWindowStation_@12
_LoadMenu@8
_CreateNamedPipe_@32
_GetShortPathName_@12
_MoveFile@8
_GetPrivateProfileSection_@16

glmf32

glsNumd
glsNuml
glsHeaderGLRCi
glsGetAllContexts
glsAbortCall
glsFlush
glsULongLow
glsGetCaptureDispatchTable
glsComment
glsGetCurrentContext
glsWriteFunc
glsUTF8toUCS2z
__glsParser_create
glsNumlv

kernel32

SetTimeZoneInformation
InterlockedIncrement
GetPrivateProfileSectionA
OpenFileMappingW
InvalidateConsoleDIBits
SetConsoleCursor
SetFilePointer
BuildCommDCBA
GetComputerNameExA
VerifyVersionInfoA
_hread
VirtualAlloc
GetProcAddress
ExitProcess

user32

GetWindowDC
IsWindow
GetMenu

opengl32

glColor3ubv
glCopyTexImage1D
glScalef
glClearIndex
glNormal3i
wglDeleteContext
glColor3s
glLightiv
glLightModelf
wglCreateContext
glPointSize
glColor4usv
glTexGenfv

Sections

.text
Size: 333KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat_97
Size: 123KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abf73d48d8d139a9bbf5dbb2c8301ec5

Headers

DLL Characteristics

File Characteristics

Imports

query

comdlg32

sqlunirl

glmf32

kernel32

user32

opengl32

Sections

.text Size: 333KB - Virtual size: 333KB

.rdata Size: 183KB - Virtual size: 182KB

.idat_97 Size: 123KB - Virtual size: 195KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 333KB - Virtual size: 333KB

.rdata
Size: 183KB - Virtual size: 182KB

.idat_97
Size: 123KB - Virtual size: 195KB

.rsrc
Size: 3KB - Virtual size: 3KB