ea6314d6b6a855a82a807382a2ac5edd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ea6314d6b6a855a82a807382a2ac5edd_JaffaCakes118
Size

868KB
MD5

ea6314d6b6a855a82a807382a2ac5edd
SHA1

752876eae64d664c110d8a6730286c7cb3dd84a2
SHA256

93aed7abda14db287cbaadb15b08a6234a656f54867025aff24df4916be25a23
SHA512

fe3ac9bec544e0afc5bb86e6ae39bc72385ecc70855ccd86dabb03eb08bbc341d17a19c87cd0d91579ad808ce4d58825d32acdbaec75af260bb7214a34f9e0f5
SSDEEP

12288:McMj2wvJM3Lpw5wrb3Y0bRyKt+PL02pzaSBe+ncmlK1tlpqnB3O10TULWT5svNP2:McMKwqbHP1yKt+zNzHo+nDKrGE1fAo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea6314d6b6a855a82a807382a2ac5edd_JaffaCakes118

Files

ea6314d6b6a855a82a807382a2ac5edd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ecc2f534ab647c3a2a7413528bca159e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dhcpsapi

DhcpEnumSubnetElementsV5
DhcpDsInit
DhcpRemoveSubnetElement
DhcpGetAllOptions
DhcpCreateOptionV5
DhcpGetSuperScopeInfoV4
DhcpGetThreadOptions
DhcpSetClientInfo
DhcpSetOptionValueV5
DhcpRemoveSubnetElementV5
DhcpAuditLogGetParams
DhcpGetClientInfoV4
DhcpSetOptionValuesV5
DhcpDeleteSubnet
DhcpCreateSubnet
DhcpAddMScopeElement
DhcpGetMibInfo
DhcpGetClientInfo
DhcpDeleteMClientInfo
DhcpGetOptionInfo
DhcpGetOptionInfoV5
DhcpEnumMScopeElements
DhcpServerQueryAttributes
DhcpServerBackupDatabase
DhcpSetOptionValues
DhcpRemoveOptionValue
DhcpServerSetConfig
DhcpServerRedoAuthorization
DhcpSetSuperScopeV4
DhcpAddSubnetElement
DhcpDeleteClass
DhcpEnumSubnetElementsV4
DhcpSetClientInfoV4
DhcpGetMScopeInfo
DhcpGetOptionValueV5
DhcpDeleteClientInfo
DhcpServerGetConfigV4
DhcpSetThreadOptions
DhcpAddServer
DhcpEnumClasses
DhcpGetClientOptions

kernel32

SetConsoleFont
LocalFree
Heap32ListNext
DebugBreakProcess
HeapReAlloc
SetFileShortNameA
CreateActCtxA
LocalSize
SetCommState
WriteTapemark
GetEnvironmentStringsA
SetLastError
GetLongPathNameW
Heap32First
CancelTimerQueueTimer
GetLocaleInfoW
_hread
GlobalCompact
CreateThread
GetCurrentThread
SetVolumeLabelA
FillConsoleOutputCharacterA
GetShortPathNameW
AddConsoleAliasW
VirtualAlloc
RegisterConsoleIME
VirtualProtectEx
LZClose
ReadConsoleInputA
CommConfigDialogA
GetDriveTypeW
SetConsoleDisplayMode
PeekNamedPipe
DosPathToSessionPathW
GetComputerNameExW
VirtualUnlock
SetConsoleNumberOfCommandsW
BaseCleanupAppcompatCacheSupport
GetCurrentThreadId
CreateHardLinkW
GetProcessTimes
GlobalAlloc
BuildCommDCBA
LoadLibraryA
_lopen

d3d8thk

OsThunkDdGetScanLine
OsThunkDdGetFlipStatus
OsThunkDdCreateSurfaceEx
OsThunkDdGetBltStatus
OsThunkDdWaitForVerticalBlank
OsThunkDdQueryMoCompStatus
OsThunkDdCanCreateSurface
OsThunkDdCreateD3DBuffer
OsThunkDdGetDxHandle
OsThunkDdDeleteSurfaceObject
OsThunkDdUnlock
OsThunkDdDeleteDirectDrawObject
OsThunkDdFlipToGDISurface
OsThunkDdGetDC
OsThunkDdCanCreateD3DBuffer
OsThunkD3dDrawPrimitives2
OsThunkDdGetDriverInfo
OsThunkDdCreateSurfaceObject
OsThunkDdAttachSurface
OsThunkDdDestroySurface
OsThunkDdCreateSurface
OsThunkD3dContextDestroyAll
OsThunkDdGetMoCompBuffInfo
OsThunkDdGetInternalMoCompInfo
OsThunkDdUnattachSurface

rasman

RasCompressionSetInfo
RasRequestNotification
RasPortGetFramingEx
RasGetFramingCapabilities
RasBundleGetStatistics
RasGetHportFromConnection
RasAddConnectionPort
RasRpcGetSystemDirectory
RasDoIke
RasRpcDisconnectServer
RasReferenceCustomCount
RasRpcDeviceEnum
RasRpcRemoteSetUserPreferences
RasDeviceGetInfo
RasPortReceiveEx
RasBundleClearStatisticsEx
RasPortGetStatisticsEx
RasPortCancelReceive
RasPortGetProtocolCompression
RasRpcConnectServer
RasProtocolEnum
RasPortReceive
RasGetPortUserData
RasRpcEnumConnections
RasPortListen
RasGetConnectionUserData
RasGetHConnFromEntry
RasFreeBuffer
RasPortReserve
RasPortConnectComplete
RasConnectionEnum
RasGetUserCredentials
RasGetDevConfig
RasRpcConnect
RasEnumConnectionPorts
RasGetDialParams
RasDeAllocateRoute
RasPortFree

cfgmgr32

CM_Get_Device_Interface_AliasA
CM_Unregister_Device_InterfaceA
CM_Remove_SubTree
CM_Enable_DevNode_Ex
CM_Set_HW_Prof_Flags_ExW
CM_Set_HW_Prof
CM_Get_Class_Key_NameW
CM_Register_Device_Interface_ExA
CM_Get_Hardware_Profile_InfoA
CM_Get_Res_Des_Data_Ex
CM_Get_Next_Res_Des_Ex
CM_Query_Arbitrator_Free_Size_Ex
CM_Get_Class_Name_ExA
CM_Open_Class_KeyW
CM_Get_Log_Conf_Priority_Ex
CM_Query_And_Remove_SubTree_ExA
CM_Get_HW_Prof_FlagsA
CM_Free_Log_Conf_Handle
CM_Get_Child
CM_Set_DevNode_Registry_Property_ExA
CM_Query_And_Remove_SubTree_ExW
CM_Unregister_Device_InterfaceW
CM_Get_Device_ID_List_ExW
CM_Query_Arbitrator_Free_Data_Ex
CM_Free_Log_Conf

user32

DrawFrameControl
RealGetWindowClassW
ClientThreadSetup
TabbedTextOutA
GetMessageW
WINNLSGetEnableStatus
DdeAbandonTransaction
EnableScrollBar
IsIconic
UnionRect
DdeNameService
DialogBoxIndirectParamW
GetMonitorInfoW
RegisterShellHookWindow
CharLowerBuffW
CharUpperBuffA
EnableMenuItem
GetMouseMovePointsEx
EnumClipboardFormats
ScrollDC
BlockInput
CreateMDIWindowW
EnumDesktopsW
DrawTextExW
RegisterClassExA

msorcl32

SQLNativeSql
SQLParamData
SQLFreeEnv
SQLPrimaryKeys
SQLProcedures
SQLSetScrollOptions
SQLGetStmtOption
SQLMoreResults
SQLDescribeCol
SQLAllocStmt
SQLSetStmtOption
SQLNumResultCols
SQLDescribeParam
SQLBindCol
SQLGetData
SQLBindParameter
SQLSetPos
SQLGetCursorName
SQLGetConnectOption
SQLPrepare
SQLColumns
SQLAllocEnv
SQLPutData
SQLBrowseConnect
SQLRowCount
SQLColAttributes
SQLSetConnectOption
SQLFetch
SQLConnect
SQLAllocConnect
SQLForeignKeys
SQLTransact
SQLExecute
SQLProcedureColumns
LoadByOrdinal
SQLSetCursorName

Sections

.text
Size: 222KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 576KB - Virtual size: 576KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ecc2f534ab647c3a2a7413528bca159e

Headers

DLL Characteristics

File Characteristics

Imports

dhcpsapi

kernel32

d3d8thk

rasman

cfgmgr32

user32

msorcl32

Sections

.text Size: 222KB - Virtual size: 224KB

.rdata Size: 576KB - Virtual size: 576KB

.data Size: 66KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 222KB - Virtual size: 224KB

.rdata
Size: 576KB - Virtual size: 576KB

.data
Size: 66KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB