Static task
static1
Behavioral task
behavioral1
Sample
077f7e036675502c9ebfe8cb2f663dcc_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
077f7e036675502c9ebfe8cb2f663dcc_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
077f7e036675502c9ebfe8cb2f663dcc_JaffaCakes118
Size
335KB
MD5
077f7e036675502c9ebfe8cb2f663dcc
SHA1
8984cab30fd2e9a00f2c9066c5efc3e701d3c841
SHA256
6908f154b1dc32c85e31f1659dc7354afbdcda33b0664d5d2d06f38414730544
SHA512
75d0ceef0afc48272ad16e6ba33f4e61fa5f351eb22fe0218b1124669c14b0099cba7814ff8bca2da12e12653b8f6d00e4154aa871694f451f60ac7f522170e3
SSDEEP
6144:fDTkT+bYTdPpcjNE4IitaE5XGUSa2Ux4S+RFWKvk6f:8T5TDc64IitaF5arik
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 077f7e036675502c9ebfe8cb2f663dcc_JaffaCakes118
Files
077f7e036675502c9ebfe8cb2f663dcc_JaffaCakes118.exe windows:4 windows x86 arch:x86
a5577dfb91d8c753e6fa2c9bb2b8a555
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
OpenProcessToken
OpenSCManagerW
OpenServiceW
AdjustTokenPrivileges
LookupPrivilegeValueW
CloseServiceHandle
QueryServiceStatusEx
kernel32
CreateMutexW
SetConsoleCtrlHandler
GetModuleHandleW
GetFileType
GetDateFormatA
ConnectNamedPipe
HeapFree
TlsFree
GetFileSizeEx
WriteConsoleA
HeapAlloc
HeapDestroy
IsValidLocale
GetLocalTime
GetOEMCP
RaiseException
CreateFileW
GetConsoleOutputCP
ReleaseSemaphore
SetStdHandle
GetConsoleMode
CreateEventW
WriteFile
LeaveCriticalSection
SetFilePointer
ReadFile
GetDiskFreeSpaceW
SetHandleCount
LCMapStringW
EnumSystemLocalesA
WideCharToMultiByte
UnhandledExceptionFilter
EnterCriticalSection
GetACP
SetEnvironmentVariableA
GetTimeFormatA
HeapReAlloc
CloseHandle
CompareStringA
GetCommandLineA
GetCurrentThreadId
DeviceIoControl
IsValidCodePage
WriteConsoleW
CreateThread
CompareStringW
HeapSize
InitializeCriticalSectionAndSpinCount
CancelIo
QueryDosDeviceW
CreateSemaphoreW
FreeEnvironmentStringsW
WaitNamedPipeW
VirtualFree
DeleteCriticalSection
SetLastError
WaitForSingleObject
FindNextFileW
FlushFileBuffers
GetStdHandle
FreeEnvironmentStringsA
GetConsoleCP
TlsGetValue
CreateWaitableTimerW
RtlUnwind
GetOverlappedResult
CreateFileA
TlsAlloc
FatalAppExitA
WaitForMultipleObjects
FindClose
VirtualAlloc
LockFileEx
GetUserDefaultLCID
SetUnhandledExceptionFilter
LCMapStringA
TlsSetValue
GetTimeZoneInformation
FindFirstFileW
DisconnectNamedPipe
ReleaseMutex
GetSystemTimeAsFileTime
ResetEvent
GetLogicalDrives
FreeLibrary
UnlockFileEx
GetComputerNameW
SetWaitableTimer
CreateNamedPipeW
IsDebuggerPresent
CompareFileTime
VirtualAllocEx
ntdll
ZwClose
NtQueryFullAttributesFile
_wcsicmp
memcpy
memset
ZwCreateSection
memcmp
ZwQueryDirectoryFile
_wcsnicmp
NtQueryInformationFile
strlen
memmove
ZwOpenFile
towupper
RtlInitUnicodeString
ZwMapViewOfSection
RtlNtStatusToDosError
wcslen
RtlCompareMemory
ZwUnmapViewOfSection
oleaut32
LoadRegTypeLib
VarI1FromDate
VarDecNeg
VarCat
VarUI4FromStr
SysReAllocString
VarBstrFromUI2
VarI4FromDisp
VarUI4FromI4
VarR8FromUI1
VarR4FromUI2
VarCyCmp
LHashValOfNameSys
DispInvoke
SafeArrayGetRecordInfo
VarCyFromDec
SafeArrayCopyData
VarUI1FromDisp
VarI2FromUI4
VarI4FromDate
SafeArrayDestroyData
SysAllocStringByteLen
VariantInit
VarI4FromI8
VarCyFromUI4
VarR4FromR8
VarOr
VarUI4FromDec
VarUI2FromDisp
VarI4FromI1
VarDateFromUI4
VectorFromBstr
odbccu32
SQLGetDescRec
SQLNumParams
SQLMoreResults
SQLBindCol
SQLExecDirect
Sections
.text Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: 55KB - Virtual size: 648KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 161KB - Virtual size: 706KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 74KB - Virtual size: 818KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 18KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ