d3dd017bd1c402efc61dee9044faccda_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d3dd017bd1c402efc61dee9044faccda_JaffaCakes118
Size

387KB
MD5

d3dd017bd1c402efc61dee9044faccda
SHA1

5805d315d672b71dd829dd8fafa679fa00781c48
SHA256

49f56dab6c6853dcfacb5e7cb9d435a102576ec150ba5b20f3b51fac72321bae
SHA512

2140b1b6a577545e656e738b1cb9899a9ed7b9b53f06257caceac0754892c7d2066e94995e104874062104ba0732947819c0a0c02a29aa58e5d11710be033918
SSDEEP

12288:dR6S15cdkN/U5onLa/0spyxIuZvUaXWDZAdvFh:qS/Ca/mo+/0ssIgm9AP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3dd017bd1c402efc61dee9044faccda_JaffaCakes118

Files

d3dd017bd1c402efc61dee9044faccda_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d566634a7aebc468ec77af52b9edeb53

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetConversionListW
ImmDisableIme
ImmGetHotKey
ImmAssociateContextEx
ImmUnlockImeDpi
ImmLockClientImc
ImmSetCompositionStringA
ImmGetConversionStatus
ImmCreateSoftKeyboard
ImmRegisterWordA
ImmSetActiveContext
ImmLoadIME
ImmSetCompositionStringW
ImmReleaseContext
ImmPutImeMenuItemsIntoMappedFile
ImmGetContext
ImmGetDefaultIMEWnd
ImmSendIMEMessageExW
ImmUnregisterWordW
ImmGetIMCCLockCount
ImmGetRegisterWordStyleW
ImmGenerateMessage
ImmConfigureIMEA
ImmShowSoftKeyboard
ImmGetCandidateListCountW
ImmSetStatusWindowPos
ImmGetRegisterWordStyleA
ImmSendIMEMessageExA
ImmGetCompositionStringA
ImmGetDescriptionW
ImmDestroyContext
ImmIsUIMessageW
ImmUnlockIMC
ImmGetIMEFileNameA
ImmLockImeDpi
ImmGetCandidateListCountA
ImmGetImeInfoEx
ImmGetIMCCSize

kernel32

ReleaseSemaphore
IsDBCSLeadByte
LocalAlloc
FindFirstVolumeA
GetCalendarInfoA
GetExitCodeThread
GetTimeFormatW
CompareStringA
FillConsoleOutputCharacterW
SetThreadPriority
GetLocaleInfoW
GetFirmwareEnvironmentVariableW
WriteConsoleInputA
RtlMoveMemory
HeapReAlloc
GetCurrentActCtx
SwitchToFiber
GetDriveTypeW
ReadFileScatter
MoveFileExW
DosDateTimeToFileTime
SetFileApisToANSI
GetSystemWow64DirectoryA
SetConsoleLocalEUDC
GlobalHandle
GetOverlappedResult
GetFullPathNameA
Heap32First
LoadLibraryA
SetConsoleMaximumWindowSize
GetSystemTimeAsFileTime
ReadConsoleOutputCharacterA
EnumSystemLocalesA
CopyFileExW
GetFullPathNameW
GetProcessWorkingSetSize
WriteProfileSectionW
GetProcessPriorityBoost
VirtualQuery
HeapSize
GetVolumePathNamesForVolumeNameW
GlobalFix
HeapCreate
FindFirstChangeNotificationW
FindNextChangeNotification
GlobalFindAtomA
GetPrivateProfileSectionNamesA
VirtualAlloc

odbc32

SQLGetDescRecA
SQLGetDiagRecW
ODBCInternalConnectW
SQLDescribeColW
SQLDataSources
GetODBCSharedData
SQLDriverConnectA
SQLConnectA
SQLAllocStmt
SQLPrimaryKeys
SQLGetDiagRecA
SQLPrimaryKeysW
SQLStatistics
SQLSetStmtOption
SQLAllocHandleStd
SQLGetTypeInfo
SQLGetStmtOption
SQLColAttributesW
SQLGetCursorName
SQLPrepareA
LockHandle
SQLProcedureColumnsA
SQLStatisticsA
SQLSetConnectAttr
SQLExecute
ODBCSetTryWaitValue
SQLGetConnectAttrA
SQLSpecialColumnsW
SQLError
SQLConnectW
SQLProcedureColumns
SQLSpecialColumns
SQLDescribeParam
SQLGetDiagFieldW
SQLBrowseConnectA
SQLDrivers
SQLForeignKeysA
SQLForeignKeys
SQLDataSourcesW
SQLTablesW
SQLGetDescRec
SQLGetDiagFieldA
SQLGetDescRecW

mapi32

WrapStoreEntryID@24
EnableIdleRoutine@8
MNLS_CompareStringW@24
FtMulDw@12
FBadPropTag@4
MAPIDeinitIdle@0
MAPIDetails
FBadEntryList@4
BMAPIDetails
BMAPISaveMail
LaunchWizard@20
UNKOBJ_ScCOReallocate@12
FreePadrlist@4
HrIStorageFromStream@16
MAPILogonEx
MAPIReadMail
FEqualNames@8
DeregisterIdleRoutine@4
FtgRegisterIdleRoutine@20
MAPIUninitialize
FBadRestriction@4
GetAttribIMsgOnIStg@12
ScUNCFromLocalPath@12
HrValidateIPMSubtree@20
MNLS_IsBadStringPtrW@8
__CPPValidateParameters@8
BMAPIGetAddress
FDecodeID@12
FPropExists@8
HrDecomposeMsgID@24
DllGetClassObject
ScGenerateMuid@4
cmc_logoff
UNKOBJ_Free@8
MAPIFreeBuffer
MNLS_WideCharToMultiByte@32
FreeProws@4
FBadRowSet@4

opengl32

glGetTexGenfv
glMultMatrixf
glShadeModel
glTexCoord4sv
glEvalCoord2f
wglSetLayerPaletteEntries
glPopName
glTexCoord3s
glTranslatef
glLoadIdentity
glIndexdv
glArrayElement
glMatrixMode
glViewport
glTexCoord2fv
glTexCoord3dv
glStencilOp
glAccum
wglUseFontOutlinesW
glTexGendv
glTexCoord1f
glFogiv
glGetMaterialfv
glTexCoord3iv
glTexSubImage1D
glReadBuffer
glRectdv
GlmfEndGlsBlock
glIndexubv
glColor3uiv
glRasterPos3s
glVertex4s
glVertex3i
glClearStencil
glTexCoord4f
glVertex4sv
glNormal3s
glTexParameterf

qdvd

DllGetClassObject

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 507KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d566634a7aebc468ec77af52b9edeb53

Headers

DLL Characteristics

File Characteristics

Imports

imm32

kernel32

odbc32

mapi32

opengl32

qdvd

Sections

.text Size: 156KB - Virtual size: 156KB

.rdata Size: 128KB - Virtual size: 128KB

.data Size: 1KB - Virtual size: 507KB

.rsrc Size: 100KB - Virtual size: 100KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 156KB - Virtual size: 156KB

.rdata
Size: 128KB - Virtual size: 128KB

.data
Size: 1KB - Virtual size: 507KB

.rsrc
Size: 100KB - Virtual size: 100KB

.reloc
Size: 1024B - Virtual size: 1024B