0d8e0fa4692713e156a0fd50c88663e1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d8e0fa4692713e156a0fd50c88663e1_JaffaCakes118
Size

57KB
MD5

0d8e0fa4692713e156a0fd50c88663e1
SHA1

5a959bda4bfa5acb686ea6b03db97bbc5ae8dace
SHA256

c332ce3b76cbf30712ff52be462a7428a3c507c3c13fd0b9248cc079bb42c5c4
SHA512

74007ff33d96d7ace7967ee6c1e19aec82fee0cbfec72dbc04051fda6237446b081e3acd29516ce560a56dd6befd841e1373293b2ed44a7bfa752794bb13a40c
SSDEEP

1536:W8zuh7ot935y9gLdp0wRRDt+GI5Vd5WhY0:aOt9A6dKwRWGMUY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d8e0fa4692713e156a0fd50c88663e1_JaffaCakes118

Files

0d8e0fa4692713e156a0fd50c88663e1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

29f347b7e9e30a7be80f7685a5fa0b6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

IsUrlCacheEntryExpiredA
FtpSetCurrentDirectoryA
InternetTimeFromSystemTimeA
InternetSetCookieA
InternetReadFile
InternetOpenW
GetUrlCacheHeaderData
FindFirstUrlCacheContainerW
GetUrlCacheGroupAttributeA
CreateUrlCacheGroup
FindFirstUrlCacheEntryA
ShowX509EncodedCertificate
GetUrlCacheConfigInfoW
DeleteUrlCacheGroup
FindCloseUrlCache
InternetDialW
InternetSetOptionExW
HttpAddRequestHeadersA
DeleteUrlCacheEntryW
PrivacySetZonePreferenceW
InternetOpenUrlW
InternetAutodial
FtpGetCurrentDirectoryW
CommitUrlCacheEntryW
InternetSecurityProtocolToStringW
FtpGetFileW
InternetTimeToSystemTimeW
GopherFindFirstFileW

odbccr32

SQLSetScrollOptions
SQLCancel
SQLExecute
SQLGetDescRec
SQLFreeHandle
SQLSetDescField
SQLBindCol
SQLMoreResults
SQLFetch
SQLPrepare
SQLGetStmtAttr
SQLBindParameter
SQLTransact
SQLSetPos
SQLGetStmtOption
SQLSetConnectAttr
ReleaseCLStmtResources
SQLBulkOperations
SQLSetDescRec
SQLNativeSql
SQLNumParams
SQLSetStmtAttr
SQLSetConnectOption
SQLGetInfo
SQLExtendedFetch
SQLFetchScroll
SQLPutData
SQLSetStmtOption
SQLParamOptions
SQLCloseCursor
SQLEndTran
SQLParamData

kernel32

SetConsoleKeyShortcuts
VirtualAlloc
ReplaceFileW
GetCommandLineA
GetConsoleCommandHistoryA
GetProcAddress
LocalLock
SetFileValidData
SetEvent
Process32Next
SetTermsrvAppInstallMode
EnumSystemLanguageGroupsW
TerminateThread
GetACP
GetPrivateProfileStringW
WriteConsoleOutputW
WriteProcessMemory
GetConsoleProcessList
LoadLibraryA
WriteProfileStringW
OpenFileMappingW
LocalSize
WaitForSingleObject
FatalAppExitA
InitializeCriticalSection
GetProcessVersion
CancelDeviceWakeupRequest
IsValidLocale
GetPrivateProfileSectionW
GetStartupInfoW
SetLocalTime
_lread
GetModuleFileNameA

ntdll

NtSetInformationFile
ZwSetLowWaitHighEventPair
NtOpenFile
RtlSecondsSince1980ToTime
RtlRealPredecessor
CsrSetPriorityClass
ZwQuerySystemTime
ZwSetEaFile
NtResumeThread
atol
ZwSetSystemEnvironmentValue
RtlInitUnicodeStringEx
RtlEnumProcessHeaps
RtlExitUserThread
LdrQueryProcessModuleInformation
RtlxOemStringToUnicodeSize
RtlCreateTimer
NtQueryPerformanceCounter
NtQueryInformationJobObject
NtSetLowEventPair
RtlUnhandledExceptionFilter
ZwRaiseException
NtOpenObjectAuditAlarm
RtlFindActivationContextSectionString
ZwWaitLowEventPair
RtlCreateProcessParameters
RtlNormalizeProcessParams

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29f347b7e9e30a7be80f7685a5fa0b6b

Headers

DLL Characteristics

File Characteristics

Imports

wininet

odbccr32

kernel32

ntdll

Sections

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 8KB