ce0b080c17d1cfad31b573b60c65e772_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ce0b080c17d1cfad31b573b60c65e772_JaffaCakes118
Size

246KB
MD5

ce0b080c17d1cfad31b573b60c65e772
SHA1

1c4fce8fc9c84d4f63b5759955d4b330ec7640cf
SHA256

cede0891463970dbcfe505b1ab374b35003f50896e6900976c2e932559852ca8
SHA512

18ad24b7afa65e9ca972c65e15b9f74d556a1e80368282442aa615800b08f8a6f5fd1255825d20e1baf0b777339ceff62a1befe385a155ac2ca9848a78c100c8
SSDEEP

6144:PvzNvTq+62dQI7vJmohrKHHctA+9+w8Ri2fY:Pvxv2+QmJm62HcD9CR/g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce0b080c17d1cfad31b573b60c65e772_JaffaCakes118

Files

ce0b080c17d1cfad31b573b60c65e772_JaffaCakes118
.exe windows:1 windows x86 arch:x86

26e0f64ffac444b08f8c636d2afe20db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

odbc32

SQLNumParams
SQLDriverConnectW
SQLColAttributesA
SQLColAttributeW
SQLFetch
ValidateErrorQueue
SQLProcedureColumnsW
CursorLibLockStmt
ODBCQualifyFileDSNW
DllBidEntryPoint
ODBCGetTryWaitValue
SQLColumnPrivileges
SQLNativeSql
SQLSetDescRec
SQLGetTypeInfoW
SQLTablePrivileges
SQLPrepareA
SQLColAttributes
SQLConnect
SQLGetConnectOptionW
SQLCopyDesc
SQLAllocStmt
SQLPrimaryKeysW
SQLDescribeParam
SQLForeignKeys
SQLColumns
SQLCancel
SQLErrorW
SQLTablesW
SQLGetStmtAttr
SQLExecDirectW
SQLGetInfoW
SQLBrowseConnectW
SQLGetDiagField
SQLSetStmtOption
SQLSetStmtAttrW
SQLGetDescFieldA
SQLGetTypeInfoA
SQLColAttributesW
SQLError
SQLPrimaryKeysA
SQLSetStmtAttr
SQLGetConnectOption
SQLDriverConnect
SQLProceduresA
SQLExtendedFetch
SQLFreeConnect
SQLNativeSqlA
SQLPrimaryKeys
SQLSetConnectAttrW
SQLExecDirect
SQLProcedureColumnsA
SQLColumnPrivilegesW
ODBCInternalConnectW
SQLGetDiagRec
SQLSetDescField
SQLProcedures
SQLPrepareW
SQLPutData
SQLGetEnvAttr
SQLGetDiagRecW
SQLDataSourcesW
SQLDriversA
SQLGetCursorName
SQLColumnsW
SQLTablesA
SearchStatusCode
SQLSetCursorName

winmm

mmioSetBuffer
midiOutUnprepareHeader
auxGetVolume
waveInOpen
mciSetYieldProc
midiOutCacheDrumPatches
WOW32ResolveMultiMediaHandle
auxSetVolume
waveInGetErrorTextA
midiInGetNumDevs
GetDriverModuleHandle
mciGetDeviceIDA
mid32Message
mciGetDeviceIDW
DriverCallback
midiStreamProperty
midiInGetErrorTextW
mciLoadCommandResource
mciGetDeviceIDFromElementIDA
midiStreamStop
tid32Message
midiConnect
joyGetPosEx
waveInAddBuffer
CloseDriver
WOW32DriverCallback
waveInGetErrorTextW
mixerSetControlDetails
mmioRenameW
waveOutRestart
mixerGetNumDevs
midiOutReset
midiOutCachePatches
waveInStart
midiOutPrepareHeader
sndPlaySoundA
mmioDescend
mixerGetLineInfoW
mciDriverNotify
mixerOpen
mixerGetDevCapsA
midiInGetDevCapsA
DefDriverProc
mmioGetInfo
WOWAppExit
midiOutSetVolume
waveOutMessage
joyReleaseCapture
waveInReset
timeGetDevCaps
mmsystemGetVersion
mciGetDriverData
mciGetYieldProc
waveInClose
auxGetNumDevs
joyGetDevCapsA
mci32Message
mciExecute
mciSendCommandA
mciSetDriverData
joySetThreshold
waveOutUnprepareHeader
mmTaskSignal
waveInGetID
mod32Message
mmioOpenW
midiInOpen

advpack

DelNodeRunDLL32
RunSetupCommand
OpenINFEngine
AdvInstallFile
RegSaveRestore
SetPerUserSecValues
UserUnInstStubWrapper
LaunchINFSection
RegisterOCX
GetVersionFromFile
AddDelBackupEntry
RegInstall
RegRestoreAll

kernel32

EnterCriticalSection
MoveFileExW
LockFile
GetSystemTime
CreateThread
WriteTapemark
VirtualAlloc
CreateFileW
GetLastError
BackupWrite
CreateDirectoryW
GetPrivateProfileStringW
LoadLibraryW
GetCurrentProcessId
TerminateProcess
GetFileInformationByHandle
FindFirstFileW
CloseHandle
InitializeCriticalSection
FormatMessageW
GetStartupInfoW
CreateMutexW
GetCurrentDirectoryW
CompareStringW
VirtualFree
FindNextFileW
LeaveCriticalSection
ReleaseMutex
LocalFree
GetCurrentThread
SystemTimeToFileTime
FindClose
WritePrivateProfileStringW
GetVersionExW
BackupRead
RemoveDirectoryW
SetFileTime
ReleaseSemaphore
ReadFile
GetTapePosition
GetFileAttributesW
SetCurrentDirectoryW
GetPriorityClass
GetDiskFreeSpaceExW
SetFileShortNameW
LocalAlloc
FileTimeToSystemTime
GetWindowsDirectoryW
GetNumberFormatW
GetTapeParameters
GetVersionExA
GetDateFormatW
GetDriveTypeW
SetPriorityClass
CreateSemaphoreW
FlushFileBuffers
GetLocalTime

Sections

.text
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26e0f64ffac444b08f8c636d2afe20db

Headers

DLL Characteristics

File Characteristics

Imports

odbc32

winmm

advpack

kernel32

Sections

.text Size: 205KB - Virtual size: 205KB

.data Size: 29KB - Virtual size: 29KB

.rsrc Size: 10KB - Virtual size: 572KB

.text
Size: 205KB - Virtual size: 205KB

.data
Size: 29KB - Virtual size: 29KB

.rsrc
Size: 10KB - Virtual size: 572KB