bc6bfcf434a44773154dfe249e081c0d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bc6bfcf434a44773154dfe249e081c0d_JaffaCakes118
Size

645KB
MD5

bc6bfcf434a44773154dfe249e081c0d
SHA1

80f92eb49fd72c25c813ea8493a17e51f7840cbc
SHA256

26b1d3d1ef15256ee8abb357c7deaa6649c0a5769a2d16e65fc8bf3e677d8e4c
SHA512

cdafea76983026481165a748350966dd5ac38e9b92cc0420872b7fad9dad06be72c90c210e6229869caf43f175c94f4044b015980d69f1e96d2a63f26997e88f
SSDEEP

12288:LyqsMJ8E7d48cY5k6Q9SGyaLm9wHqN/4:LyqrXd4r6Q9SBaLmaKN/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc6bfcf434a44773154dfe249e081c0d_JaffaCakes118

Files

bc6bfcf434a44773154dfe249e081c0d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

88846cda6a425513359fda5a403b2c3e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glClipPlane
glIndexPointer
glMultMatrixd
glGetLightfv
glColor3uiv
glTexCoord1d
glTexParameteriv
glNormal3i
wglGetLayerPaletteEntries
glPixelMapusv
glPixelZoom
glColor3ui
glColor4usv
glLighti
glEnableClientState
glPopMatrix
wglDescribeLayerPlane

msvcrt

_j1
_getdllprocaddr
_getdrives
_aligned_realloc
_rotr
__getmainargs
__p__commode
_heapset
_wmkdir
_cputws
??_7__non_rtti_object@@6B@
_ismbbkalnum
_mbsicmp
__set_app_type
__p__dstbias
__p___winitenv
_adj_fdiv_m64
_controlfp
??_7bad_typeid@@6B@

mapi32

OpenTnefStream@28
FtAdcFt@20
CbOfEncoded@4
ScLocalPathFromUNC@12
OpenTnefStreamEx@32
FBadEntryList@4
HrSetOmiProvidersFlagsInvalid
LaunchWizard@20
DeinitMapiUtil@0
OpenTnefStream
MAPIGetDefaultMalloc@0
OpenStreamOnFile@24
UlRelease@4
cmc_query_configuration
HrThisThreadAdviseSink@8

ntdll

RtlGetUserInfoHeap
ZwSetSystemEnvironmentValue
RtlRealPredecessor
strcat
_aulldvrm
NtIsSystemResumeAutomatic
NtQueryIoCompletion
RtlEnumerateGenericTableLikeADirectory
ZwMapUserPhysicalPages
ZwSetIoCompletion
ZwCloseObjectAuditAlarm
NtSuspendThread
ZwRestoreKey
ZwQueryQuotaInformationFile
RtlCreateSystemVolumeInformationFolder

kernel32

GetDiskFreeSpaceExW
LZInit
WriteTapemark
ConvertThreadToFiber
SetCommState
VirtualQueryEx
GetPrivateProfileStringW
ExpandEnvironmentStringsA
LoadLibraryExA
VirtualAlloc
VerifyVersionInfoA
ExitProcess
SetConsoleTitleW
CancelTimerQueueTimer
GetSystemDirectoryA
GetCurrentConsoleFont

odbcbcp

SQLLinkedServers
bcp_writefmtA
SQLLinkedCatalogsW
bcp_initA
bcp_control
bcp_setcolfmt
bcp_colptr
dbprtypeA
bcp_writefmtW
bcp_exec
bcp_colfmt
SQLCloseEnumServers
dbprtypeW
bcp_bind

user32

GetMenu
GetParent
GetWindowDC

Sections

.text
Size: 302KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat_22
Size: 161KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88846cda6a425513359fda5a403b2c3e

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

msvcrt

mapi32

ntdll

kernel32

odbcbcp

user32

Sections

.text Size: 302KB - Virtual size: 302KB

.rdata Size: 176KB - Virtual size: 176KB

.idat_22 Size: 161KB - Virtual size: 235KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 302KB - Virtual size: 302KB

.rdata
Size: 176KB - Virtual size: 176KB

.idat_22
Size: 161KB - Virtual size: 235KB

.rsrc
Size: 4KB - Virtual size: 4KB