f0ffefcbada32df561c6a1a6dd010bd5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0ffefcbada32df561c6a1a6dd010bd5_JaffaCakes118
Size

136KB
MD5

f0ffefcbada32df561c6a1a6dd010bd5
SHA1

beddadbd2a4333782857b6b9cd3598ceb2d4901f
SHA256

c02b00636400bb94fb0599dca67e29401b2f02d43235934226b79e1d499b930b
SHA512

5c0571862b06dac97df6aede8215ddba75cf077282bce5f7d55e983a5a9089eb3ea90dbc9a14b5ede051ea49f4b19c206f507e619e28b3c93af67db65f834373
SSDEEP

3072:F9IJxnzTYK18jVj7WKJNZTo3o3V2TEVuCLYw10EM9P:Fgxnzr18jVWANZTHUTxKYw1YP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0ffefcbada32df561c6a1a6dd010bd5_JaffaCakes118

Files

f0ffefcbada32df561c6a1a6dd010bd5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

250fda79febe64b99ef938228f8fd939

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UpdateResourceA
VirtualFree
LoadLibraryW
HeapAlloc
VirtualProtect
FindFirstFileW
ExitThread
GetCurrentProcess
_lclose
GetProcAddress
DeleteTimerQueue
UnmapViewOfFile
OutputDebugStringA
GetLastError
GetModuleHandleA
GetStringTypeW
WriteConsoleW
GetWindowsDirectoryA
VirtualAlloc
lstrlenA
FreeLibrary

msvcrt

wcslen
_wcmdln
__CxxFrameHandler
__p__commode
__initenv
_adjust_fdiv
wcscmp
wcschr
_c_exit
free
swscanf
_exit
_controlfp
_ftol
_iob
wcscat
__p__fmode
_snwprintf
memcpy
swprintf
strncpy
_purecall
_except_handler3
_wtol
iswcntrl
__winitenv
wcscpy
__dllonexit
_vsnprintf
malloc
_cexit

user32

RegisterClassA
DestroyWindow
SetScrollPos
CheckDlgButton
DialogBoxParamA
ReleaseDC
ReleaseCapture
BeginPaint
LoadCursorA
ScreenToClient
GetCursorPos
IsWindow
SendMessageW
SetCapture
SendMessageA
LoadCursorW
GetParent
LoadMenuW
DispatchMessageW
GetMenuItemCount
MapWindowPoints
CopyRect
GetProcessWindowStation
wsprintfW
LoadImageW
UnregisterClassW
ClientToScreen

gdi32

CreateBitmap
SetTextColor
RestoreDC
SetBkMode
Rectangle
TranslateCharsetInfo
CreateCompatibleDC
StretchBlt
PatBlt
CreateFontIndirectW

opengl32

wglShareLists
glStencilMask
GlmfBeginGlsBlock
glTexCoord2d
glColor4i
glColor4f
glColor3ui
glFogfv
glColor4d
glTexCoord2dv

Exports

Exports

MbmUbbkdurQicmn
TfbufkePmbyvqk
ZwPszbjiePisetg

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

250fda79febe64b99ef938228f8fd939

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.crt Size: 512B - Virtual size: 17B

.edata Size: 512B - Virtual size: 124B

.data Size: 55KB - Virtual size: 54KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 512B - Virtual size: 100B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.crt
Size: 512B - Virtual size: 17B

.edata
Size: 512B - Virtual size: 124B

.data
Size: 55KB - Virtual size: 54KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 512B - Virtual size: 100B