00e8fbe21d59ff12b9205eb9f26908ca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

00e8fbe21d59ff12b9205eb9f26908ca_JaffaCakes118
Size

50KB
MD5

00e8fbe21d59ff12b9205eb9f26908ca
SHA1

31e2b55a11ccc4b9d6fa07080b9154449fea8b3a
SHA256

23c4c590299b3f09693f3918332b1cd1d973d45312735cd13bc2ed640d2999c6
SHA512

c970506c027feb7ea1ccf964de4c087b7ae8a43371d9262ab807f2c13a89090d0f016475d14ea28168d49629416c96c0fa99bb850c767156659cf9104cda823d
SSDEEP

768:OFK2COTttOEc5wMhENnrm8KnbhEnOfF3hsg4rrz6Yh:OFK2COOEiwwENrmbtIGnsgNYh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00e8fbe21d59ff12b9205eb9f26908ca_JaffaCakes118

Files

00e8fbe21d59ff12b9205eb9f26908ca_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6a4ce0cb357162c799d75276d63df1a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msi

MsiDatabaseOpenViewW
MsiPreviewBillboardW
MsiDatabaseExportW
MsiSetFeatureAttributesA
MsiRecordIsNull
MsiProvideQualifiedComponentW
MsiGetProductCodeW
MsiGetProductInfoA
MsiConfigureFeatureW
MsiInstallProductW
MsiAdvertiseProductW
MsiDatabaseImportW
MsiEnumClientsW
MsiProvideQualifiedComponentExW
MsiEnumComponentQualifiersW
MsiViewModify
MsiFormatRecordW
MsiInstallMissingFileA
MsiCreateTransformSummaryInfoW
MsiEnumProductsW
MsiIsProductElevatedW
MsiGetProductPropertyW
MsiReinstallFeatureA
MsiVerifyDiskSpace
MsiEnableLogA
MsiDatabaseGenerateTransformW
MsiReinstallFeatureFromDescriptorW
MsiMessageBoxA
MsiLoadStringA
MsiViewGetErrorA
MsiGetDatabaseState
MsiEnableLogW

kernel32

GetProcessId
GlobalFindAtomA
GetTimeFormatA
SetConsoleNlsMode
OutputDebugStringA
FreeEnvironmentStringsA
RtlFillMemory
GetWriteWatch
IsBadStringPtrW
VirtualAlloc
GetStartupInfoA
SetConsoleOS2OemFormat
SetLocaleInfoA
CreateConsoleScreenBuffer
TryEnterCriticalSection
GetTickCount
EnumCalendarInfoW
SetCommState
GetFileSizeEx
DefineDosDeviceW
GetPrivateProfileStructA
WaitForMultipleObjects
IsValidLocale
OpenConsoleW
EndUpdateResourceA
ReadDirectoryChangesW
SleepEx
GetConsoleOutputCP
CreateActCtxW
RemoveDirectoryA
GetComputerNameExA
GetOverlappedResult
LZStart
MoveFileExW
SizeofResource
GetEnvironmentStringsW
SetLocalPrimaryComputerNameW
BuildCommDCBW
CreateMutexW
GetCommProperties
GetCurrentProcessId
LoadLibraryA
GetProcAddress
SetConsoleMenuClose

oleaut32

VarI2FromDisp
VarI1FromI8
VarBoolFromStr
CreateErrorInfo
VarDecFromBool
VarR8FromI1
VarI1FromUI1
VarI8FromStr
SysReAllocString
VarDecFromI2
SafeArrayGetElemsize
VarCyFromI2
VarBoolFromI8
VarI4FromI8
VarI1FromR4
VarI1FromI4
SafeArrayGetUBound
VarUI8FromDate
SafeArrayUnaccessData
VarR8FromR4
LoadTypeLib
RegisterTypeLib
VarR4FromUI1
VarUI8FromUI4
VarUI1FromDisp
SafeArrayAllocData
LPSAFEARRAY_UserSize
VarUI4FromDisp
BSTR_UserSize
VarI1FromDate
VariantTimeToDosDateTime
VariantInit

user32

DdeImpersonateClient
OpenDesktopW
SendInput
SetCapture
SetWindowsHookExW
DefRawInputProc
FindWindowExW
CreateWindowExW
MapVirtualKeyW
SendIMEMessageExA
GetMenuItemCount
EnableScrollBar
BlockInput
CheckMenuItem
DeviceEventWorker
CreateMDIWindowW
MessageBoxTimeoutA
PrivateExtractIconsW
EnumDesktopWindows
SendMessageW
GetAltTabInfoW
CharLowerA
ChildWindowFromPoint
EndPaint
GetGuiResources
EmptyClipboard
CreateDialogParamW
CascadeChildWindows
GetScrollBarInfo

odbccp32

SQLInstallDriverExW
SQLGetInstalledDriversW
SQLGetAvailableDriversW
SQLWriteDSNToIniW
SQLInstallTranslator
SQLRemoveDriver
SQLInstallDriverManagerW
SQLRemoveTranslatorW
SQLRemoveDriverManager
SQLGetPrivateProfileString
SQLInstallDriverW
SQLValidDSN
SQLWritePrivateProfileString
SQLConfigDriverW
SQLLoadDataSourcesListBox
SQLWriteFileDSN
SQLRemoveDSNFromIniW
SQLReadFileDSN
SQLCreateDataSourceExW
SQLCreateDataSourceEx
SQLInstallerError
SQLInstallerErrorW
SQLPostInstallerError
SQLInstallTranslatorW
SQLInstallDriverManager
SQLConfigDriver
SQLInstallODBC
SQLConfigDataSourceW
SQLGetPrivateProfileStringW
SQLInstallTranslatorExW

wldap32

ldap_value_free_len
ldap_simple_bind_s
ldap_search_ext_s
ldap_create_sort_controlA
ldap_next_entry
ldap_control_freeW
ldap_start_tls_sW
ldap_search_abandon_page
ber_bvdup
ldap_get_dn
ldap_set_option
ldap_create_vlv_controlA
ldap_delete_ext_sA
ldap_search_extA
ldap_controls_free
ldap_err2stringA
ldap_check_filterA
ldap_parse_extended_resultA
ldap_parse_sort_controlW
ldap_dn2ufnW
ldap_next_attributeA
ldap_memfree
ldap_modifyA
ldap_deleteA
ldap_search_init_pageW
ldap_get_next_page_s
ber_first_element
ldap_modify
ldap_searchW

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a4ce0cb357162c799d75276d63df1a5

Headers

DLL Characteristics

File Characteristics

Imports

msi

kernel32

oleaut32

user32

odbccp32

wldap32

Sections

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB