f0634dc9ac755409a5205e37617a5e15_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0634dc9ac755409a5205e37617a5e15_JaffaCakes118
Size

82KB
MD5

f0634dc9ac755409a5205e37617a5e15
SHA1

1d79d041b9b19b273f45bd1ee59f7b5bff689685
SHA256

23cf7e66f18ad9405cb2f3b8300ebe4c0aae3f41a801c44dd13d5a91c0ecef09
SHA512

f0b1a43625f61e1a8b5e70f631eae1bfbf2bed52c8b0b098d5a6f8984d45048dabc25a0bb4a6b08ee44dd322452db26fac6fdded2b1430eb11566f423c10bf42
SSDEEP

1536:BhqSFKVsOxUc/TMgitMQ2yYuAk/qUQ1dD36ByjcCcDU401G7Aim73:BbFGXQayNMUQ1dz6BVA12Aim

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0634dc9ac755409a5205e37617a5e15_JaffaCakes118

Files

f0634dc9ac755409a5205e37617a5e15_JaffaCakes118
.dll windows:4 windows x86 arch:x86

56577d5e8eaa4985f6e5888a821777f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetShortPathNameW
GetModuleHandleA
VirtualProtect
RtlMoveMemory
ExitProcess
FindNextVolumeA
GetFileAttributesW
GetModuleHandleW
FormatMessageA
SwitchToThread
FindResourceA
MapViewOfFileEx
GetDiskFreeSpaceExA
GetProcAddress
GetLastError
QueryPerformanceCounter
GetTempPathA
QueryPerformanceFrequency
GlobalAddAtomA
GetProcessTimes
GetOverlappedResult
VirtualAlloc
GetFileAttributesExA
GetWriteWatch
LoadLibraryA
RegisterWaitForSingleObject
DosPathToSessionPathW
CreateFileW
GetUserDefaultLangID
WritePrivateProfileStructW

msvcrt

memcpy
isalnum
sin
isupper
ispunct
isprint
time
isupper
isspace
bsearch
_environ

user32

GetSystemMetrics
GetProcessDefaultLayout
RegisterClassExW
GetPropW
GetMessageExtraInfo
PrivateExtractIconsW
MessageBoxW
ModifyMenuW
MessageBeep
GetDC
OpenClipboard
AdjustWindowRectEx
LoadStringW
FindWindowW
DrawTextW
GetMenuState
SetMenuItemInfoW
CheckRadioButton
LoadStringA
UpdateWindow
CloseClipboard

opengl32

glIndexubv
glTexGeni
glEvalMesh1
glTexGendv
glCopyTexImage2D
wglCreateContext
glVertex4fv
glNormal3d
glColor4uiv

Exports

Exports

ToWoxsexSplgVeb
DsCoqjhfeQoow

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56577d5e8eaa4985f6e5888a821777f3

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

opengl32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 3KB - Virtual size: 2KB

.tls Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 35KB - Virtual size: 35KB

.reloc Size: 512B - Virtual size: 142B

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 3KB - Virtual size: 2KB

.tls
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 35KB - Virtual size: 35KB

.reloc
Size: 512B - Virtual size: 142B