d7016e3657908fbdefe1c71a5f20782a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d7016e3657908fbdefe1c71a5f20782a_JaffaCakes118
Size

40KB
MD5

d7016e3657908fbdefe1c71a5f20782a
SHA1

0a8dac63cc30d6672e04e49585360405ff650b06
SHA256

5c66a87307c47fe5a74af25f344583911feae4f689683d2be6f1ee46ea4284af
SHA512

cb9abbccb0dec8eb85a13dacafa6b2825364ccb9f30343b42a4b2b283558bf38672c8af91a25878a9870982824d50a3d5c5962ddb874f70a268eefd9cb69771c
SSDEEP

768:EDY5PRz6m20rubTtR6weprYwbRCMa8f+gsyDYm:R9R+OKPQpswbLz+vm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7016e3657908fbdefe1c71a5f20782a_JaffaCakes118

Files

d7016e3657908fbdefe1c71a5f20782a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e737621f4122c677ad007bd8cbf8b36a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AllocConsole
GetLogicalDriveStringsA
ExpandEnvironmentStringsA
EnumResourceNamesA
ReadConsoleOutputCharacterA
GetConsoleCommandHistoryA
GetConsoleAliasA
FindCloseChangeNotification
OpenEventA
GlobalGetAtomNameA
IsProcessorFeaturePresent
SetVolumeMountPointA
GetSystemDefaultUILanguage
GetTempPathA
GetCurrentProcessId
VirtualAlloc
SetCommBreak
GetCurrentThreadId
ReadConsoleA
HeapCreate
UpdateResourceA
FileTimeToDosDateTime
DeleteTimerQueue
WriteFileEx
GetStdHandle
GetFileAttributesA
GetCurrentDirectoryA
GetProcessAffinityMask
LockFile
EndUpdateResourceA
lstrcpyA
CreateTimerQueueTimer
MoveFileWithProgressA
GetModuleHandleA
GetNumberFormatA
GetBinaryType
ConvertDefaultLocale
GetThreadSelectorEntry
Thread32Next
BeginUpdateResourceA
SetFileAttributesA
GetSystemTimes
GetFileTime
FreeResource
LZStart
GetDriveTypeA
SetVolumeLabelW
FlushInstructionCache
SetCalendarInfoA
LocalUnlock
FindNextVolumeMountPointA
ReleaseMutex
ReleaseSemaphore
GetLocaleInfoA
GetThreadContext
EnumSystemLocalesA
FileTimeToLocalFileTime
IsBadStringPtrA
GetConsoleMode
LoadLibraryA
IsValidCodePage
SetConsoleWindowInfo
LoadLibraryExA
GetConsoleCursorMode
FindResourceExA
GetDiskFreeSpaceExA
GetPrivateProfileSectionNamesW
FindNextVolumeA
SetConsoleTextAttribute
GetTimeFormatA
GetDiskFreeSpaceA
WriteConsoleOutputA
GlobalLock
SetVolumeLabelA
GetCurrentProcess
DeleteTimerQueueEx
SetLocalPrimaryComputerNameA
CommConfigDialogA
ProcessIdToSessionId
FindFirstVolumeMountPointA
GetConsoleKeyboardLayoutNameA
GetCommState
GetSystemInfo
ClearCommBreak
GetProcessIoCounters
SetFileValidData
ReadConsoleInputA
OpenSemaphoreA
LCMapStringA
GetSystemTimes
GetEnvironmentVariableA
GetThreadLocale
lstrcatA
GetWindowsDirectoryA
GetCommTimeouts
ReadConsoleOutputAttribute
FindNextVolumeW
FlushViewOfFile
GlobalUnfix
GetBinaryTypeA
FindResourceExW
ReadConsoleInputA
GetConsoleTitleA
RemoveDirectoryA
GetDefaultCommConfigA
IsBadCodePtr
GetStartupInfoA

dhcpcsvc

DhcpUndoRequestParams

odbc32

SQLSetStmtAttr
SQLExecute

d3d9

Direct3DCreate9

Exports

Exports

InitXjmhoxfpfl
Yiqhfhy
ReadNrexwrm
AddTquencitld
IsUbovdywg
Bvcftqrs
OpenBqwjgqp
BeginYwwklkpubnt
EndOxbkcxqlko
Gqspgmxovyj
Ljsbahjjh
Wpwmyvd
Nniwxcn
CreateTxjxyqrl
EndGbbkvxrsebl
Xspfspra
Wicanmbf
Nchxsyltbk

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e737621f4122c677ad007bd8cbf8b36a

Headers

File Characteristics

Imports

kernel32

dhcpcsvc

odbc32

d3d9

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 1024B - Virtual size: 600B

.idata Size: 3KB - Virtual size: 2KB

.rdata Size: 12KB - Virtual size: 325KB

.edata Size: 512B - Virtual size: 456B

.rsrc Size: 1024B - Virtual size: 76KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 1024B - Virtual size: 600B

.idata
Size: 3KB - Virtual size: 2KB

.rdata
Size: 12KB - Virtual size: 325KB

.edata
Size: 512B - Virtual size: 456B

.rsrc
Size: 1024B - Virtual size: 76KB