10d7065e786b90623e90dd8cf527388c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

10d7065e786b90623e90dd8cf527388c_JaffaCakes118
Size

261KB
MD5

10d7065e786b90623e90dd8cf527388c
SHA1

2efd07bc1024de2f520ff84d31998d5ee8e4de83
SHA256

771186952d7764fcd319e38554cfe3d5f19628a3d609da815a7dddc45535da2c
SHA512

faa50d54ec1654ac83a5c95c8a19a20e109cf0b3b345d426cb7c9e4a940ca5e26d421c2056e173ec071a79da640ba46646c6467b95cfcf921e49a67e9da858a8
SSDEEP

6144:2OUSmwCerbJkdP0SEJiym14LulcdZ4Bu4i/LxKsjs0Ta:qUrbJPSEUOrZ4Bri/XsH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10d7065e786b90623e90dd8cf527388c_JaffaCakes118

Files

10d7065e786b90623e90dd8cf527388c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

49fca4829f8844945990846b75e91be4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetImageCount
ImageList_Destroy
ImageList_DrawEx
ImageList_GetIconSize
_TrackMouseEvent

oleaut32

VariantClear
SysFreeString
SysAllocString

gdi32

StretchBlt
GetBitmapBits
ExtTextOutW
EnumFontFamiliesExW
CreateRectRgnIndirect
GetPixel
DeleteObject
CreateDIBSection
SetStretchBltMode
SetTextColor
Escape
TextOutW
CreateSolidBrush
Polygon
PtVisible
RoundRect
GetTextExtentPoint32W
CreateCompatibleDC
SetPixel
GetDeviceCaps
CreateCompatibleBitmap
CreateBitmap
GetDIBits
GetObjectW
CreateFontIndirectW
RectVisible
SelectObject
CreatePen
DeleteDC
SetBkColor
BitBlt
GetViewportOrgEx

kernel32

GetModuleHandleA
EnumResourceNamesW
lstrcmpA
LoadResource
GetModuleHandleW
MulDiv
FreeResource
GetProcessHeap
EnumResourceTypesW
GlobalAlloc
GetWindowsDirectoryW
LocalAlloc
LoadLibraryExW
SizeofResource
UnhandledExceptionFilter
FindResourceW
IsDebuggerPresent
DeleteCriticalSection
LocalFree
SetLastError
GetSystemTimeAsFileTime
GlobalUnlock
EnumResourceLanguagesW
LeaveCriticalSection
SetUnhandledExceptionFilter
EnterCriticalSection
FreeLibrary
HeapFree
LockResource
GlobalLock
WideCharToMultiByte
GetCurrentThreadId
lstrlenW
VirtualAlloc

ole32

OleInitialize
OleUninitialize

user32

SetCapture
GetCapture
ReleaseCapture
GetClientRect
SetRectEmpty
GetSystemMetrics
GetNextDlgTabItem
ReleaseDC
InvalidateRect
InflateRect
ShowWindow
GetDC
GetKeyState
DispatchMessageW
DrawTextExW
ClientToScreen
SetFocus
CallNextHookEx
GetParent
GetCursor
RegisterClipboardFormatW
TabbedTextOutW
GetIconInfo
ShowScrollBar
DefWindowProcW
DrawFocusRect
IntersectRect
WindowFromPoint
IsChild
LookupIconIdFromDirectoryEx
PeekMessageW
IsWindow
GetWindowLongW
LoadCursorW
SendMessageW
LoadMenuW
SetRect
SetWindowsHookExW
GetDesktopWindow
InvertRect
LoadImageW
ScreenToClient
CreateIconFromResourceEx
SystemParametersInfoW
IsWindowVisible
DrawTextW
SetTimer
GetCursorPos
PtInRect
EnableWindow
GetForegroundWindow
GetLastActivePopup
RegisterWindowMessageW
DestroyIcon
UnhookWindowsHookEx
CopyIcon
SetCursor
CopyRect
CreateIconIndirect
RedrawWindow
EqualRect
GetSysColor
SetWindowPos
DrawStateW
GetWindowRect
KillTimer
OffsetRect
DrawIconEx
IsRectEmpty
GetFocus
GetMessageW
GetWindow
LoadBitmapW
GrayStringW

odbccp32

SQLInstallDriver
SelectTransDlg
SQLGetConfigMode
SQLInstallTranslatorW
SQLValidDSN
SQLSetConfigMode

dhcpcsvc

DhcpOpenGlobalEvent
McastGenUID
DhcpReleaseIpAddressLease
DhcpCApiCleanup
McastEnumerateScopes

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.eXIF
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iOfr
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jEP
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.T
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.HJpQT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.s
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lDnhy
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RN
Size: 512B - Virtual size: 747B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ygmNv
Size: 512B - Virtual size: 513B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 212KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HOcIvb
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QiE
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.l
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49fca4829f8844945990846b75e91be4

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

oleaut32

gdi32

kernel32

ole32

user32

odbccp32

dhcpcsvc

Sections

.text Size: 17KB - Virtual size: 16KB

.eXIF Size: 2KB - Virtual size: 2KB

.iOfr Size: 1KB - Virtual size: 1KB

.jEP Size: 1KB - Virtual size: 1KB

.T Size: 2KB - Virtual size: 3KB

.HJpQT Size: 2KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 4KB

.s Size: 1024B - Virtual size: 1KB

.lDnhy Size: 1024B - Virtual size: 1KB

.RN Size: 512B - Virtual size: 747B

.ygmNv Size: 512B - Virtual size: 513B

.data Size: 212KB - Virtual size: 439KB

.HOcIvb Size: 2KB - Virtual size: 1KB

.QiE Size: 1KB - Virtual size: 1KB

.l Size: 1KB - Virtual size: 1KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 17KB - Virtual size: 16KB

.eXIF
Size: 2KB - Virtual size: 2KB

.iOfr
Size: 1KB - Virtual size: 1KB

.jEP
Size: 1KB - Virtual size: 1KB

.T
Size: 2KB - Virtual size: 3KB

.HJpQT
Size: 2KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 4KB

.s
Size: 1024B - Virtual size: 1KB

.lDnhy
Size: 1024B - Virtual size: 1KB

.RN
Size: 512B - Virtual size: 747B

.ygmNv
Size: 512B - Virtual size: 513B

.data
Size: 212KB - Virtual size: 439KB

.HOcIvb
Size: 2KB - Virtual size: 1KB

.QiE
Size: 1KB - Virtual size: 1KB

.l
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 9KB - Virtual size: 9KB