01e4c37d61c092a9c63170c2e4d73441_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01e4c37d61c092a9c63170c2e4d73441_JaffaCakes118
Size

344KB
MD5

01e4c37d61c092a9c63170c2e4d73441
SHA1

699e9e6388bb075934ff659c5d148c7471d96139
SHA256

3034ea6ad7ad134034d0ada85c8c3141915c09dbb3748506ae4a1897d07bceb5
SHA512

446f0707507eaf5acda1e2d950b353f4d4b22cf57cdae43677b5df831d9750e4654eba04a7a224c9db7958449f7624c66d57bfb1a05ac2293f4db0bd422260e9
SSDEEP

6144:nMWklu6RvfI6k79tSJfo75jZJUpGGNGY6xx+xOQArSOsc:MWkltg6G9cJfo7lfWi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01e4c37d61c092a9c63170c2e4d73441_JaffaCakes118

Files

01e4c37d61c092a9c63170c2e4d73441_JaffaCakes118
.exe windows:4 windows x86 arch:x86

acc9c0e1412f4597ffcf12aeeef71aa6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ColorAdjustLuma

oleaut32

VarUI4FromUI8

advapi32

RegCloseKey

msvcrt

__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
_mbclen
_mbctombb
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
exit
_XcptFilter
_exit
__crtCompareStringA
tolower
_strtime
_mbsicoll
_mbsnset
rewind
_local_unwind2
_wchmod
_memccpy
strlen
_execle
_setmaxstdio
_tolower
isgraph
isleadbyte
_acmdln
_rmdir
_onexit

gdi32

SetBkMode
SetDCPenColor
CreateCompatibleBitmap
GetCurrentObject
ResizePalette
SetBitmapBits

odbc32

SQLSetDescRec
SQLGetStmtAttrW
SQLAllocEnv
SQLForeignKeysA
SQLParamData
CursorLibLockDesc
SQLSetDescFieldA
SQLGetDiagRecA
SQLFreeStmt
ODBCGetTryWaitValue
SQLSetParam
SQLFreeConnect
SQLTablesW
SQLSetConnectOptionW
SQLNumResultCols
PostODBCComponentError
SQLGetDescFieldW
SQLGetTypeInfoW
SQLColAttributeW
SQLGetConnectAttrA
SQLBindCol
SQLGetInfoW
SQLPrepareA
SQLFreeEnv
SQLAllocHandleStd
PostODBCError
GetODBCSharedData
SQLGetDiagFieldW
SQLColAttributeA
SQLColumnPrivilegesW
SQLStatisticsW
SQLGetCursorNameA
SQLColumnsW
SQLExtendedFetch
SQLGetConnectOptionA
SQLGetFunctions
SQLProceduresW
SQLPrimaryKeysA
SQLGetData
SQLPutData
CollectODBCPerfData
SQLErrorW
g_hHeapMalloc
SQLAllocConnect
SQLAllocStmt
SQLColAttributesW
SQLTablePrivilegesW
SQLDisconnect
SQLSetPos
SQLGetDescFieldA
SQLDescribeColA
CursorLibTransact
SQLErrorA

activeds

ADsBuildVarArrayStr
ADsOpenObject
ConvertSecurityDescriptorToSecDes
AdsTypeToPropVariant
ADsFreeEnumerator
ADsBuildVarArrayInt
ADsGetObject
ConvertSecDescriptorToVariant
SecurityDescriptorToBinarySD
PropVariantToAdsType2
ADsBuildEnumerator

xolehlp

GetDtcLocaleResourceHandle
DtcGetTransactionManagerExA
DtcGetTransactionManagerC
DtcGetTransactionManager

shell32

RegenerateUserEnvironment

ole32

CoGetStandardMarshal
ProgIDFromCLSID

user32

GetWindowRgn
SetDlgItemInt
ValidateRgn

rasapi32

RasCreatePhonebookEntryW

ntdll

RtlInitString
RtlCreateEnvironment

kernel32

GetModuleHandleA
SetThreadExecutionState
SetHandleInformation
PulseEvent
SetComputerNameExW
SetConsoleCtrlHandler
VirtualAlloc
ResumeThread
SetEndOfFile
ReleaseSemaphore
LoadLibraryA
GetProcAddress
SearchPathA
CloseHandle
SetCommTimeouts
SetPriorityClass
GetModuleHandleA
GetStartupInfoA
SetFilePointer

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

acc9c0e1412f4597ffcf12aeeef71aa6

Headers

File Characteristics

Imports

shlwapi

oleaut32

advapi32

msvcrt

gdi32

odbc32

activeds

xolehlp

shell32

ole32

user32

rasapi32

ntdll

kernel32

Sections

.text Size: 124KB - Virtual size: 121KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 100KB - Virtual size: 162KB

.rsrc Size: 108KB - Virtual size: 107KB

.text
Size: 124KB - Virtual size: 121KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 162KB

.rsrc
Size: 108KB - Virtual size: 107KB