c:\Users\Donny\Downloads\SQL_Junior1507231232002\Logility\utils3\SQLJunior\Release\SQLJunior.pdb
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_1bf1f1f18de92e6b0f788443093d89a906478866c45fae264fd29710548c03f7.exe
Resource
win7-20240903-en
General
Target
JaffaCakes118_1bf1f1f18de92e6b0f788443093d89a906478866c45fae264fd29710548c03f7
Size
752KB
MD5
539f724ca9fc23858c0d5b46255e5863
SHA1
b7f1329e2dea4293ca79a6da42a5d73c79879fff
SHA256
1bf1f1f18de92e6b0f788443093d89a906478866c45fae264fd29710548c03f7
SHA512
f77f01c68d29110556638d3d67d6b2ff3d774f9294b20ba3089e50ea52a8261df71ff9d72e5b3f5826b719d044379146f6823f200f8420b712686736f880b9e6
SSDEEP
12288:i4LsLS+q4HNOZOt65wgGKRXA91YT6SaKkViJ7hWD5UvrVk5T8TVQZD:ES+btOZOt1cRA9CoKQiFhWD5cBa8QN
Malware Config
Signatures
Unsigned PE 1 IoCs
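Checks for a missing Authenticode signature; the PE resource listed below carries none. Taken alone this is a weak indicator, since many legitimate binaries are also unsigned, so it should be corroborated by other findings.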
resource JaffaCakes118_1bf1f1f18de92e6b0f788443093d89a906478866c45fae264fd29710548c03f7
Files
JaffaCakes118_1bf1f1f18de92e6b0f788443093d89a906478866c45fae264fd29710548c03f7.exe windows:4 windows x86 arch:x86
fbd6be78e0b891e8cc3a06f0b67e0e26
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
TerminateProcess
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapSize
FatalAppExitA
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetStdHandle
VirtualQuery
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetConsoleCtrlHandler
GetLocaleInfoW
SetEnvironmentVariableA
GetSystemInfo
VirtualAlloc
HeapFree
HeapAlloc
RtlUnwind
GetDiskFreeSpaceA
GetTempFileNameA
GetTickCount
SetErrorMode
GetFileTime
GetFileAttributesA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
lstrcpyW
LocalLock
LocalUnlock
GetShortPathNameA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
SystemTimeToFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
LocalAlloc
GlobalFlags
FindResourceExA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalReAlloc
InterlockedDecrement
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GetModuleFileNameA
SetLastError
CopyFileA
MulDiv
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GlobalLock
GlobalUnlock
FreeResource
GlobalFree
VirtualProtect
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiW
lstrlenW
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
UnhandledExceptionFilter
Sleep
user32
InflateRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
ShowOwnedPopups
SetCursor
PostQuitMessage
GetMenuStringA
InsertMenuA
RemoveMenu
wsprintfA
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ScrollWindowEx
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMenuItemInfoA
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
MessageBoxA
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
EnableWindow
SendMessageA
EndPaint
AppendMenuA
PostMessageA
GetSystemMenu
IsIconic
GetWindowRect
GetClientRect
LoadIconA
GetSystemMetrics
CharLowerA
CharLowerW
CharUpperA
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
DestroyMenu
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
SetScrollInfo
GetClassInfoA
RegisterClassA
UnregisterClassA
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GrayStringA
ClientToScreen
GetDC
GetWindowDC
GetMessageTime
BeginPaint
CharUpperW
LockWindowUpdate
GetKeyState
IsWindowEnabled
GetDlgItem
GetParent
GetWindowLongA
SetFocus
GetFocus
GetAsyncKeyState
SetActiveWindow
GetActiveWindow
GetCapture
ShowWindow
SetWindowPos
MapDialogRect
EndDialog
GetNextDlgTabItem
IsWindow
DestroyWindow
CreateDialogIndirectParamA
GetDesktopWindow
GetWindow
GetKeyNameTextA
MapVirtualKeyA
GetDialogBaseUnits
GetSysColorBrush
LoadCursorA
SetCapture
WindowFromPoint
ReleaseCapture
GetWindowThreadProcessId
WaitMessage
DeleteMenu
DestroyIcon
IsClipboardFormatAvailable
MessageBeep
SetRect
GetTabbedTextExtentA
InvalidateRect
CharNextA
IsRectEmpty
SetParent
GetDCEx
KillTimer
SetTimer
PostThreadMessageA
UnionRect
RegisterClipboardFormatA
LoadMenuA
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
GetNextDlgGroupItem
InvalidateRgn
DrawIcon
CopyAcceleratorTableA
ReleaseDC
gdi32
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
GetTextMetricsA
EnumFontFamiliesExA
DPtoLP
GetCharWidthA
GetBkColor
GetTextColor
PlayMetaFile
SetRectRgn
CombineRgn
GetMapMode
CreateCompatibleBitmap
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
StretchDIBits
CreateFontA
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
GetStockObject
CreatePatternBrush
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
StartDocA
GetPixel
GetRgnBox
GetDCOrgEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32A
ExtTextOutA
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetWindowExtEx
comdlg32
PrintDlgA
PageSetupDlgA
FindTextA
ReplaceTextA
CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
winspool.drv
GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
GetFileSecurityA
RegCloseKey
RegSetValueA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
SetFileSecurityA
SetFileSecurityW
shell32
SHGetFileInfoA
DragFinish
DragQueryFileA
ExtractIconA
comctl32
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ord17
ord13
ImageList_Read
ImageList_Write
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Draw
ImageList_GetImageInfo
shlwapi
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
StringFromGUID2
CoDisconnectObject
CoCreateInstance
OleRun
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
CoGetClassObject
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
CreateBindCtx
oleaut32
SafeArrayDestroyData
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
OleCreateFontIndirect
LoadTypeLi
SafeArrayDestroy
odbc32
ord16
ord26
ord4
ord18
ord13
ord11
ord24
ord8
ord35
ord36
ord5
ord51
ord50
ord45
ord44
ord68
ord43
ord59
ord46
ord12
ord19
ord49
ord48
ord20
ord61
ord3
ord14
ord9
ord15
ord23
ord1
ord2
ord10
ord41
ord17
ord72
ord31
Sections
.text Size: 416KB - Virtual size: 415KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 116KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 204KB - Virtual size: 201KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ