JaffaCakes118_d85627e51994dee03b2f30779b3246bb

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_d85627e51994dee03b2f30779b3246bb
Size

261KB
MD5

d85627e51994dee03b2f30779b3246bb
SHA1

6f817441b910852e644047c9ed523c420a4533d8
SHA256

e4a4e0ac0d303e28ed9a2f18d4ab90b71e1d6b15eafff42a47d60b665bde107b
SHA512

87e1dc4e6b356b7427494caf30146bc04c59023c7d28994e4b7ff59050e678c5209a732c21976c27758d329977517655e5ae01ca84bf427a846ffa58cd181bad
SSDEEP

6144:zOUSmwCerbJkdP0SEJiym14LulcdZ4Bu4i/LxKsjs0Ta:zUrbJPSEUOrZ4Bri/XsH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_d85627e51994dee03b2f30779b3246bb

Files

JaffaCakes118_d85627e51994dee03b2f30779b3246bb
.exe windows:4 windows x86 arch:x86

49fca4829f8844945990846b75e91be4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetImageCount
ImageList_Destroy
ImageList_DrawEx
ImageList_GetIconSize
_TrackMouseEvent

oleaut32

VariantClear
SysFreeString
SysAllocString

gdi32

StretchBlt
GetBitmapBits
ExtTextOutW
EnumFontFamiliesExW
CreateRectRgnIndirect
GetPixel
DeleteObject
CreateDIBSection
SetStretchBltMode
SetTextColor
Escape
TextOutW
CreateSolidBrush
Polygon
PtVisible
RoundRect
GetTextExtentPoint32W
CreateCompatibleDC
SetPixel
GetDeviceCaps
CreateCompatibleBitmap
CreateBitmap
GetDIBits
GetObjectW
CreateFontIndirectW
RectVisible
SelectObject
CreatePen
DeleteDC
SetBkColor
BitBlt
GetViewportOrgEx

kernel32

GetModuleHandleA
EnumResourceNamesW
lstrcmpA
LoadResource
GetModuleHandleW
MulDiv
FreeResource
GetProcessHeap
EnumResourceTypesW
GlobalAlloc
GetWindowsDirectoryW
LocalAlloc
LoadLibraryExW
SizeofResource
UnhandledExceptionFilter
FindResourceW
IsDebuggerPresent
DeleteCriticalSection
LocalFree
SetLastError
GetSystemTimeAsFileTime
GlobalUnlock
EnumResourceLanguagesW
LeaveCriticalSection
SetUnhandledExceptionFilter
EnterCriticalSection
FreeLibrary
HeapFree
LockResource
GlobalLock
WideCharToMultiByte
GetCurrentThreadId
lstrlenW
VirtualAlloc

ole32

OleInitialize
OleUninitialize

user32

SetCapture
GetCapture
ReleaseCapture
GetClientRect
SetRectEmpty
GetSystemMetrics
GetNextDlgTabItem
ReleaseDC
InvalidateRect
InflateRect
ShowWindow
GetDC
GetKeyState
DispatchMessageW
DrawTextExW
ClientToScreen
SetFocus
CallNextHookEx
GetParent
GetCursor
RegisterClipboardFormatW
TabbedTextOutW
GetIconInfo
ShowScrollBar
DefWindowProcW
DrawFocusRect
IntersectRect
WindowFromPoint
IsChild
LookupIconIdFromDirectoryEx
PeekMessageW
IsWindow
GetWindowLongW
LoadCursorW
SendMessageW
LoadMenuW
SetRect
SetWindowsHookExW
GetDesktopWindow
InvertRect
LoadImageW
ScreenToClient
CreateIconFromResourceEx
SystemParametersInfoW
IsWindowVisible
DrawTextW
SetTimer
GetCursorPos
PtInRect
EnableWindow
GetForegroundWindow
GetLastActivePopup
RegisterWindowMessageW
DestroyIcon
UnhookWindowsHookEx
CopyIcon
SetCursor
CopyRect
CreateIconIndirect
RedrawWindow
EqualRect
GetSysColor
SetWindowPos
DrawStateW
GetWindowRect
KillTimer
OffsetRect
DrawIconEx
IsRectEmpty
GetFocus
GetMessageW
GetWindow
LoadBitmapW
GrayStringW

odbccp32

SQLInstallDriver
SelectTransDlg
SQLGetConfigMode
SQLInstallTranslatorW
SQLValidDSN
SQLSetConfigMode

dhcpcsvc

DhcpOpenGlobalEvent
McastGenUID
DhcpReleaseIpAddressLease
DhcpCApiCleanup
McastEnumerateScopes

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.eXIF
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iOfr
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jEP
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.T
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.HJpQT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.s
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lDnhy
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RN
Size: 512B - Virtual size: 747B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ygmNv
Size: 512B - Virtual size: 513B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 212KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HOcIvb
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QiE
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.l
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49fca4829f8844945990846b75e91be4

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

oleaut32

gdi32

kernel32

ole32

user32

odbccp32

dhcpcsvc

Sections

.text Size: 17KB - Virtual size: 16KB

.eXIF Size: 2KB - Virtual size: 2KB

.iOfr Size: 1KB - Virtual size: 1KB

.jEP Size: 1KB - Virtual size: 1KB

.T Size: 2KB - Virtual size: 3KB

.HJpQT Size: 2KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 4KB

.s Size: 1024B - Virtual size: 1KB

.lDnhy Size: 1024B - Virtual size: 1KB

.RN Size: 512B - Virtual size: 747B

.ygmNv Size: 512B - Virtual size: 513B

.data Size: 212KB - Virtual size: 439KB

.HOcIvb Size: 2KB - Virtual size: 1KB

.QiE Size: 1KB - Virtual size: 1KB

.l Size: 1KB - Virtual size: 1KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 17KB - Virtual size: 16KB

.eXIF
Size: 2KB - Virtual size: 2KB

.iOfr
Size: 1KB - Virtual size: 1KB

.jEP
Size: 1KB - Virtual size: 1KB

.T
Size: 2KB - Virtual size: 3KB

.HJpQT
Size: 2KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 4KB

.s
Size: 1024B - Virtual size: 1KB

.lDnhy
Size: 1024B - Virtual size: 1KB

.RN
Size: 512B - Virtual size: 747B

.ygmNv
Size: 512B - Virtual size: 513B

.data
Size: 212KB - Virtual size: 439KB

.HOcIvb
Size: 2KB - Virtual size: 1KB

.QiE
Size: 1KB - Virtual size: 1KB

.l
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 9KB - Virtual size: 9KB