143451386e0750c74b09d5f149245a81_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

143451386e0750c74b09d5f149245a81_JaffaCakes118
Size

359KB
MD5

143451386e0750c74b09d5f149245a81
SHA1

57f8e064192a46c6af13311a5ad53f79da1ab834
SHA256

240d99881bf59dfca2a94c58caf07e47ad087eb04176fb8029d65ce6decd0c8c
SHA512

ae403826a644f1515065f7ef24140314c7f93d41a9c65e58d38f345b9fc2a5f2d752f476b1b227ec3d43b914f46c6d5ca78f8fd48b80a0ecb5959790e41b7312
SSDEEP

6144:PZ87FqzRgLzw/chkO3Q+BPQEPkcn2c+Z0HaUmtimc2:PZ+oRgLz8OA+BzPkcn2c+0mttt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
143451386e0750c74b09d5f149245a81_JaffaCakes118

Files

143451386e0750c74b09d5f149245a81_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1d90956558d964a77663064849cfc0a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
SetHandleCount
CreateThread
VirtualQuery
lstrlenW
SetLastError
lstrcmpiA
GetSystemInfo
TlsFree
FreeEnvironmentStringsW
DeleteCriticalSection
FreeEnvironmentStringsA
LocalFree
CompareStringW
VirtualAlloc
TlsSetValue
GetCommandLineA
RaiseException
FreeLibrary
MoveFileA
LoadResource
VirtualProtect
GetFileType
WideCharToMultiByte
GetCurrentDirectoryA
HeapDestroy
SetFilePointer
GetModuleHandleA
FindResourceA
LoadLibraryExA
GetFullPathNameA
EnumSystemLocalesA
IsValidLocale
IsDBCSLeadByte
GetOEMCP
CreateFileA
HeapFree
SetUnhandledExceptionFilter
OpenEventA
CloseHandle
PulseEvent
SetStdHandle
lstrcpyA
FlushFileBuffers
LeaveCriticalSection
FormatMessageA
WaitForSingleObject
HeapReAlloc
FindFirstFileA
ReadFile
HeapSize
GetTimeZoneInformation
lstrcatA
lstrlenA
DeleteFileA
SetEnvironmentVariableA
FindClose
LCMapStringA
HeapAlloc
CompareStringA
lstrcpynA
GetCurrentThreadId
GetStdHandle
IsBadCodePtr
GetSystemTimeAsFileTime
FileTimeToSystemTime
VirtualFree
GetUserDefaultLCID
SetEndOfFile
IsValidCodePage
GetThreadLocale
SizeofResource
EnterCriticalSection
TlsAlloc
GetProcessHeap
TlsGetValue
LCMapStringW
UnhandledExceptionFilter
RtlUnwind
LockResource
GetACP
WriteFile
VirtualAllocEx

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegDeleteKeyA

oleaut32

VariantChangeType
VariantInit
SysStringLen
VarUI4FromStr
SafeArrayUnlock
SysStringByteLen
SysAllocStringLen
SetErrorInfo
DispCallFunc
SafeArrayGetVartype
LoadTypeLi
SysAllocStringByteLen
SafeArrayDestroy
UnRegisterTypeLi
SysFreeString
SafeArrayGetLBound
CreateErrorInfo
VariantCopy
SafeArrayRedim
SysAllocString
VarBstrCmp
RegisterTypeLi
VariantClear
SafeArrayCreate
SafeArrayLock
SafeArrayGetUBound
GetErrorInfo
VariantCopyInd
SafeArrayCopy
LoadRegTypeLi

shlwapi

PathFindExtensionA

ole32

ProgIDFromCLSID
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc

user32

wsprintfA
CharNextA
LoadStringA
CharUpperBuffA

atmlib

ATMFinish
ATMGetNtmFields
ATMGetFontInfoA
ATMRemoveFontA
ATMGetFontPaths
ATMAddFont
ATMAddFontA
ATMGetPostScriptNameW

sqlsrv32

ConnectDlgProc
SQLExtendedFetch
SQLPrimaryKeysW
TestDlgProc
SQLGetTypeInfoW
SQLGetStmtAttrW
SQLSetCursorNameW
SQLProcedureColumnsW
SQLColAttributeW
BCP_exec

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 329KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d90956558d964a77663064849cfc0a7

Headers

File Characteristics

Imports

kernel32

advapi32

oleaut32

shlwapi

ole32

user32

atmlib

sqlsrv32

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 329KB - Virtual size: 1.6MB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 329KB - Virtual size: 1.6MB

.rsrc
Size: 4KB - Virtual size: 3KB