0f09fdcfb10d717e1b6e11b994e35115_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f09fdcfb10d717e1b6e11b994e35115_JaffaCakes118
Size

45KB
MD5

0f09fdcfb10d717e1b6e11b994e35115
SHA1

63764516bc7a72a8c5dca397f45bd4be080df2a2
SHA256

5b0b11d7abe9811b73ddc98d1911256ae67c363b92c97a733ea6a949429c0e48
SHA512

ee8cfeff186babd21ea40de02619080a6f4243aa76bfc9f5e4bfaa0b71cff709d1bca464842a202e16d2b153df416a92ce531bbb84a11b3ad9bd3fef6bf429d5
SSDEEP

768:6zHY+UIL/aKRTi9tMt3a8z6+gxikEU8vM8Z+tQdoKQanjrbhE3LF645E:CHYyRTCMt3aO9kU1+tnanjrk4U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f09fdcfb10d717e1b6e11b994e35115_JaffaCakes118

Files

0f09fdcfb10d717e1b6e11b994e35115_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5ce271f63d24b8f993970194d85f65e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_ismbcgraph
_wtempnam
iswxdigit
_umask
_strcmpi
??3@YAXPAX@Z
__p___argv
__pctype_func
labs
iswupper
__CxxUnregisterExceptionObject
vwprintf
??_E__non_rtti_object@@UAEPAXI@Z
_wfreopen
_isatty
_mbsicoll
_HUGE
_wctime64
_filelengthi64
is_wctype
_wcsicoll
_daylight
abort
_lrotl
log10
__getmainargs
ungetc
__DestructExceptionObject
wcstombs
?raw_name@type_info@@QBEPBDXZ
isxdigit
fabs
_CIatan2
__p__osver
_mbcjmstojis
__set_app_type
exit
_wtmpnam
__p__commode
putc
memchr
_get_osfhandle
_adj_fdivr_m32
_localtime64
__fpecode
__CxxQueryExceptionSize
_findfirst64
vsprintf

kernel32

BindIoCompletionCallback
GetFileTime
GlobalCompact
GetLocaleInfoA
GetComputerNameW
BuildCommDCBAndTimeoutsA
Heap32ListFirst
GetNativeSystemInfo
GetCurrentThread
OpenEventA
GetShortPathNameW
DnsHostnameToComputerNameW
LoadLibraryW
FindVolumeClose
GetModuleHandleW
ConvertDefaultLocale
TlsAlloc
EnumTimeFormatsW
GetOEMCP
LZDone
PurgeComm
EnumResourceLanguagesA

icm32

CMTranslateRGBsExt
CMCreateTransformW
CMDeleteTransform
CMTranslateColors
CMGetNamedProfileInfo
CMCreateDeviceLinkProfile
CMCheckRGBs
CMCheckColors
CMCheckColorsInGamut
CMCreateProfileW
CMCreateTransformExtW
CMCreateTransform
CMConvertColorNameToIndex
CMIsProfileValid
CMTranslateRGBs
CMTranslateRGB
CMCreateProfile
CMGetInfo
CMCreateTransformExt
CMConvertIndexToColorName
CMCreateMultiProfileTransform

odbc32

SQLPrimaryKeysA
SQLPrimaryKeysW
SQLAllocConnect
SQLSetStmtAttrW
SQLProcedureColumnsA
SQLSetConnectOptionW
SQLGetInfoA
SQLColumns
SQLTablePrivileges
SQLGetDiagFieldW

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ce271f63d24b8f993970194d85f65e2

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

icm32

odbc32

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 284B

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 284B

.rsrc
Size: 6KB - Virtual size: 5KB