fe3a3b95f55a4d20d3fab5495fa7c813_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fe3a3b95f55a4d20d3fab5495fa7c813_JaffaCakes118
Size

332KB
MD5

fe3a3b95f55a4d20d3fab5495fa7c813
SHA1

70b406b416364ea2ab3e9feade8ae704da4b2ca4
SHA256

7f7caad15d8c3b72c5b3b01f1c4eb8fd0bd2fcc5e518be49402c98dd2fe7b0a6
SHA512

9784097bb3340c60a6412c9cbd57affa79e2dca7f9c565e138ebf294ca34b07e02d1a06351bdffb797d537deffd1733b2e0309f09c2728aa9aa9098257779fc1
SSDEEP

6144:dIVtZKz2sJn2VH1Y3BoEGGL7QhbD2d+Zn4hCBae1:gU2s2VEnhL7QR6EZnOa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe3a3b95f55a4d20d3fab5495fa7c813_JaffaCakes118

Files

fe3a3b95f55a4d20d3fab5495fa7c813_JaffaCakes118
.exe windows:7 windows x86 arch:x86

3c4ea7abeb6055feb45bb30a6e610efd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

mciGetCreatorTask
midiOutGetErrorTextA
joyGetPos
midiStreamPosition
mixerGetControlDetailsW
mixerClose
midiInAddBuffer
joyGetDevCapsA
midiConnect
mmioDescend
mciGetErrorStringA
waveOutGetVolume
mixerGetLineInfoA
auxOutMessage
joyGetNumDevs
waveInPrepareHeader
midiOutGetDevCapsW
waveOutClose
auxGetVolume
waveOutMessage
mmioFlush
mmioAscend
midiOutPrepareHeader
mciGetYieldProc
joySetThreshold
midiInPrepareHeader
mciGetDeviceIDFromElementIDW
midiOutCachePatches
midiOutReset
auxGetDevCapsW
CloseDriver
mciLoadCommandResource
joyReleaseCapture
mmTaskYield
wod32Message
waveOutWrite
GetDriverModuleHandle
tid32Message
mxd32Message
PlaySoundW
waveOutGetDevCapsA
midiInReset
mixerGetLineControlsW
NotifyCallbackData
midiOutGetNumDevs
mci32Message
mixerGetControlDetailsA
DrvGetModuleHandle
midiOutShortMsg
midiOutGetErrorTextW
waveOutGetErrorTextW
waveInGetPosition
midiInGetDevCapsW
waveInGetDevCapsW
midiInGetErrorTextW
mciFreeCommandResource
waveOutGetID
midiOutUnprepareHeader
waveOutUnprepareHeader
timeSetEvent
midiInGetErrorTextA
joyConfigChanged
midiOutSetVolume
mixerGetDevCapsW
midiOutOpen
mixerGetNumDevs
auxGetDevCapsA

odbc32

SQLForeignKeysW
SQLGetDiagRecW
SQLFreeStmt
SQLSpecialColumns
SQLGetDiagRecA
SQLSetDescField
SQLSetConnectAttr
SQLProceduresW
VRetrieveDriverErrorsRowCol
SQLAllocHandleStd
SQLSetStmtAttrA
SQLNativeSqlA
SQLGetFunctions
CollectODBCPerfData
SQLGetDescField
GetODBCSharedData
PostODBCComponentError
ODBCGetTryWaitValue
SQLPrimaryKeys
SQLSetCursorNameA
SQLSetCursorName
SQLGetDescFieldW
SQLAllocConnect
SQLColumnPrivileges
CursorLibLockDesc
SQLCopyDesc
SQLBrowseConnectA
CursorLibLockStmt
SQLSetConnectAttrW
SQLFetchScroll
SQLTransact
ValidateErrorQueue
SQLSetPos
SearchStatusCode
SQLColAttributeA
SQLForeignKeysA
SQLDataSourcesW
SQLNativeSql
SQLSetDescRec
SQLSetDescFieldW
SQLGetDiagFieldA
SQLGetTypeInfoA
DllBidEntryPoint
SQLTablesA
SQLFreeConnect
SQLColAttributesA
SQLColumns
SQLGetConnectAttrW
SQLForeignKeys
SQLAllocHandle
SQLColAttribute
SQLNativeSqlW
SQLExecDirectW
SQLSetStmtAttr
SQLGetInfoA
SQLStatistics
SQLPrimaryKeysW
SQLGetData
CursorLibLockDbc
SQLPrepareW
SQLFreeHandle
SQLSetEnvAttr

kernel32

FindVolumeMountPointClose
GetFileSize
WriteFile
LocalFree
RemoveDirectoryW
GetLogicalDriveStringsW
GetVolumeInformationW
BackupSeek
CreateEventW
EraseTape
VirtualAlloc
FindNextVolumeMountPointW
InitializeCriticalSection
ReleaseSemaphore
GetDriveTypeW
GetDateFormatW
SetTapePosition
GetPriorityClass
CloseHandle
LocalAlloc
CreateThread
SetFilePointer
FindClose
SetEvent
GetVolumePathNameW
CreateMutexW
LeaveCriticalSection
FileTimeToSystemTime
SystemTimeToFileTime
EnterCriticalSection
GetComputerNameW
DeleteCriticalSection
SetFileShortNameW
CreateSemaphoreW
GetCurrentThreadId
VerSetConditionMask
TerminateProcess
SetPriorityClass
BackupRead
GetTapeParameters
GetCurrentDirectoryW
PrepareTape
GetFileAttributesW
GetSystemDirectoryW
ExitThread
GetVersionExA
VerifyVersionInfoW
CreateFileW
GetLastError
Sleep
UnhandledExceptionFilter
FindFirstFileW
VirtualFree
ReleaseMutex
SetFileTime
GetEnvironmentVariableW

advpack

DoInfInstall
GetVersionFromFile
RebootCheckOnInstall
RegRestoreAll
AddDelBackupEntry
FileSaveRestore
GetVersionFromFileEx
TranslateInfString
RegSaveRestoreOnINF
LaunchINFSectionEx
AdvInstallFile
IsNTAdmin
DelNode
ExecuteCab
RegSaveRestore

Sections

.text
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c4ea7abeb6055feb45bb30a6e610efd

Headers

DLL Characteristics

File Characteristics

Imports

winmm

odbc32

kernel32

advpack

Sections

.text Size: 195KB - Virtual size: 195KB

.data Size: 39KB - Virtual size: 38KB

.rsrc Size: 97KB - Virtual size: 552KB

.text
Size: 195KB - Virtual size: 195KB

.data
Size: 39KB - Virtual size: 38KB

.rsrc
Size: 97KB - Virtual size: 552KB