f0d5895773726a9b6a03ecea170eedcc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0d5895773726a9b6a03ecea170eedcc_JaffaCakes118
Size

80KB
MD5

f0d5895773726a9b6a03ecea170eedcc
SHA1

29c9dcef79bd1e24af2ea95a7f1e4385d6158923
SHA256

e06885a5490883916163c5134dfbec6f8d50d2a5f2ace95000f40528a41faf53
SHA512

5a30bdb9e8c880bc2fdcf4a10d54e64180481c42527959f9d1e57d07ab4c36dfdb91d607e41feada51e119f42ed5e0752e62a252b3925fd1c4c7d47cd18a1f88
SSDEEP

1536:z5tBf6E2pRSFIXFTDNHTKWzhI813qe1BYMDzAFAlqkYU:Vrv2/SWXRJTKWlI813vBYpmkkY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0d5895773726a9b6a03ecea170eedcc_JaffaCakes118

Files

f0d5895773726a9b6a03ecea170eedcc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87f1ad44e4f6d9a3bfee52ee754e6e8a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
FreeLibrary
GetCommandLineA
InterlockedExchange
MapViewOfFile
MapViewOfFile
SystemTimeToFileTime
GetTimeFormatW
CreateFileW
VirtualAlloc
GetVersionExA
GetConsoleOutputCP
CreateDirectoryA
GetCurrentProcessId
ExitProcess
SetFilePointer
lstrcpynW
LoadLibraryA
HeapFree
GetLastError
GetProcAddress
DeviceIoControl
GetModuleHandleW
GetModuleHandleA
SetStdHandle
GetCurrentThreadId
Sleep
VirtualAlloc
CreateProcessA
GetCurrentThread
GlobalUnlock
GetTempFileNameW
GetSystemTime
DosDateTimeToFileTime
LoadLibraryA
ReadFile
GetVolumeInformationW
GetFileInformationByHandle

msvcrt

_snwprintf
strchr
memmove
_wtoi
wcstol
ispunct
wcscpy
_wcsicmp
_except_handler3
fflush
memcpy
strncpy
_onexit
toupper
_initterm
__CxxFrameHandler
_wtol
_XcptFilter
_vsnprintf
_exit
__getmainargs
fprintf
__wgetmainargs
malloc

user32

DestroyWindow
EnableMenuItem
CopyRect
TranslateAcceleratorW
IsWindow
SetScrollPos
ShowWindow
GetProcessWindowStation
SetForegroundWindow
EnumThreadWindows
ReleaseCapture
DefDlgProcW
SetWindowsHookExW
GetActiveWindow
SetFocus
GetFocus
DrawTextW
RedrawWindow
SetTimer
FillRect
LoadStringW
GetAsyncKeyState
CheckMenuItem
CheckDlgButton
BeginPaint
GetCapture
CharUpperW
DefWindowProcW

gdi32

TextOutW
ExtTextOutW
TranslateCharsetInfo
RealizePalette
RestoreDC
SelectPalette
GetTextExtentPoint32W
SetWindowExtEx
GetTextExtentPointW
SetBkMode
SetBkColor
CreatePalette
SaveDC
StretchBlt
GetObjectW
PatBlt

opengl32

glClearDepth

Exports

Exports

KzZkoefMjvutbShq
QwzejalCluxJjrkkhQz
ItIqexkhcAtktQjytntv

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lsd0
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lsd1
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87f1ad44e4f6d9a3bfee52ee754e6e8a

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 89B

.lsd0 Size: 1KB - Virtual size: 1KB

.lsd1 Size: 1KB - Virtual size: 1KB

.rsrc Size: 66KB - Virtual size: 66KB

.reloc Size: 512B - Virtual size: 48B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 89B

.lsd0
Size: 1KB - Virtual size: 1KB

.lsd1
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 66KB - Virtual size: 66KB

.reloc
Size: 512B - Virtual size: 48B