Static task: static1
Behavioral task: behavioral1
Sample: 10bfbd5dd82ffefa6e4c9bd3ced19269_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 10bfbd5dd82ffefa6e4c9bd3ced19269_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 10bfbd5dd82ffefa6e4c9bd3ced19269_JaffaCakes118
Size: 335KB
MD5: 10bfbd5dd82ffefa6e4c9bd3ced19269
SHA1: 22223c23d5db563dbd5b8ffb6873f8f946d709d9
SHA256: aa2cbc969756a2e129fbae36a7281e5025c4caba68e2b0151f6bf489d96fd3e5
SHA512: 4e565f865a56646c01dc954205d74b325579f2b7f457f2199a3a988316c4228db22e5cdd54326f175beb1a147b8b3eb8149e412f2463f51ec2e2cd5cb697b9e9
SSDEEP: 6144:DDTkT+bYTdPpcjNE4IitaE5XGUSa2Ux4S+RFWKvk6f:4T5TDc64IitaF5arik
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 10bfbd5dd82ffefa6e4c9bd3ced19269_JaffaCakes118
Files
10bfbd5dd82ffefa6e4c9bd3ced19269_JaffaCakes118.exe windows:4 windows x86 arch:x86
a5577dfb91d8c753e6fa2c9bb2b8a555
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
OpenProcessToken
OpenSCManagerW
OpenServiceW
AdjustTokenPrivileges
LookupPrivilegeValueW
CloseServiceHandle
QueryServiceStatusEx
kernel32
CreateMutexW
SetConsoleCtrlHandler
GetModuleHandleW
GetFileType
GetDateFormatA
ConnectNamedPipe
HeapFree
TlsFree
GetFileSizeEx
WriteConsoleA
HeapAlloc
HeapDestroy
IsValidLocale
GetLocalTime
GetOEMCP
RaiseException
CreateFileW
GetConsoleOutputCP
ReleaseSemaphore
SetStdHandle
GetConsoleMode
CreateEventW
WriteFile
LeaveCriticalSection
SetFilePointer
ReadFile
GetDiskFreeSpaceW
SetHandleCount
LCMapStringW
EnumSystemLocalesA
WideCharToMultiByte
UnhandledExceptionFilter
EnterCriticalSection
GetACP
SetEnvironmentVariableA
GetTimeFormatA
HeapReAlloc
CloseHandle
CompareStringA
GetCommandLineA
GetCurrentThreadId
DeviceIoControl
IsValidCodePage
WriteConsoleW
CreateThread
CompareStringW
HeapSize
InitializeCriticalSectionAndSpinCount
CancelIo
QueryDosDeviceW
CreateSemaphoreW
FreeEnvironmentStringsW
WaitNamedPipeW
VirtualFree
DeleteCriticalSection
SetLastError
WaitForSingleObject
FindNextFileW
FlushFileBuffers
GetStdHandle
FreeEnvironmentStringsA
GetConsoleCP
TlsGetValue
CreateWaitableTimerW
RtlUnwind
GetOverlappedResult
CreateFileA
TlsAlloc
FatalAppExitA
WaitForMultipleObjects
FindClose
VirtualAlloc
LockFileEx
GetUserDefaultLCID
SetUnhandledExceptionFilter
LCMapStringA
TlsSetValue
GetTimeZoneInformation
FindFirstFileW
DisconnectNamedPipe
ReleaseMutex
GetSystemTimeAsFileTime
ResetEvent
GetLogicalDrives
FreeLibrary
UnlockFileEx
GetComputerNameW
SetWaitableTimer
CreateNamedPipeW
IsDebuggerPresent
CompareFileTime
VirtualAllocEx
ntdll
ZwClose
NtQueryFullAttributesFile
_wcsicmp
memcpy
memset
ZwCreateSection
memcmp
ZwQueryDirectoryFile
_wcsnicmp
NtQueryInformationFile
strlen
memmove
ZwOpenFile
towupper
RtlInitUnicodeString
ZwMapViewOfSection
RtlNtStatusToDosError
wcslen
RtlCompareMemory
ZwUnmapViewOfSection
oleaut32
LoadRegTypeLib
VarI1FromDate
VarDecNeg
VarCat
VarUI4FromStr
SysReAllocString
VarBstrFromUI2
VarI4FromDisp
VarUI4FromI4
VarR8FromUI1
VarR4FromUI2
VarCyCmp
LHashValOfNameSys
DispInvoke
SafeArrayGetRecordInfo
VarCyFromDec
SafeArrayCopyData
VarUI1FromDisp
VarI2FromUI4
VarI4FromDate
SafeArrayDestroyData
SysAllocStringByteLen
VariantInit
VarI4FromI8
VarCyFromUI4
VarR4FromR8
VarOr
VarUI4FromDec
VarUI2FromDisp
VarI4FromI1
VarDateFromUI4
VectorFromBstr
odbccu32
SQLGetDescRec
SQLNumParams
SQLMoreResults
SQLBindCol
SQLExecDirect
Sections
.text Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: 55KB - Virtual size: 648KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 161KB - Virtual size: 706KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 74KB - Virtual size: 818KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 18KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ