47c03bb8e2233fc84e272550b3690f1a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

47c03bb8e2233fc84e272550b3690f1a_JaffaCakes118
Size

28KB
MD5

47c03bb8e2233fc84e272550b3690f1a
SHA1

4ee2a848193e5aa2aecd0c0c580ba4b5ba4b6c50
SHA256

30802b4f3f0f18d0e84e5dbefb81ecf6455d2091c32161cfbfa98b2a1cd31345
SHA512

1c383b4850c037174cfaed476b4fdf5b1dc148a67b89b2a608de5aa44e2ebdb8d4b4c00a598ef19f98898ee0bd085f9c86fe43874662d10d70c22697a9acdc94
SSDEEP

768:HJ0yMG9U1USTUflQ+t2/O9gPggjrTcurpe4lFspS0PG:p0yMG9yU0USg2/OKPggfTc4peespfO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/sspipes.scr

Files

47c03bb8e2233fc84e272550b3690f1a_JaffaCakes118
.cab
sspipes.scr
.exe windows:3 windows x86 arch:x86

ffb073ad440801116ed3ab8f1a273454

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

kernel32

GetModuleFileNameA
GetStdHandle
UnhandledExceptionFilter
RtlUnwind
GetFileType
GetProcessHeap
WriteFile
GetStringTypeW
HeapAlloc
GetStartupInfoA
SetPriorityClass
GetPrivateProfileStringW
LCMapStringW
CompareStringW
GetSystemTime
GetCommandLineA
GetEnvironmentStrings
GetVersion
GetCommandLineW
GetModuleHandleW
GetPriorityClass
GetCurrentProcess
ExitProcess
CreateFileW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CloseHandle
LocalAlloc
LocalFree
SearchPathW
GetWindowsDirectoryW
WritePrivateProfileStringW
lstrlenW
GetPrivateProfileIntW
lstrcatW
FlushFileBuffers
SetStdHandle
GetLastError
CreateFileA
SetFilePointer
lstrcpyW
lstrcmpiW
MultiByteToWideChar
WideCharToMultiByte
HeapFree

gdi32

GetStockObject
DeleteDC
SetDIBits
SelectObject
CreateDIBSection
CreateCompatibleDC
RealizePalette
GetDeviceCaps
CreateSolidBrush
GdiFlush
UnrealizeObject
DeleteObject
ChoosePixelFormat
SetPixelFormat
GetPixelFormat
DescribePixelFormat
CreatePalette
SetSystemPaletteUse
SelectPalette

user32

GetWindowLongW
CallNextHookEx
GetActiveWindow
LoadIconW
PostQuitMessage
PostMessageW
SetCursorPos
GetCursorPos
SetWindowsHookW
DefWindowProcW
RegisterWindowMessageW
DispatchMessageW
GetMessageW
TranslateMessage
DestroyWindow
RegisterClassW
CreateWindowExW
FillRect
KillTimer
BeginPaint
EndPaint
GetDC
SetTimer
PostMessageA
ReleaseDC
GetClientRect
EndDialog
MessageBoxW
CheckDlgButton
EnableWindow
SetScrollRange
SetScrollPos
GetDlgItem
GetScrollPos
wsprintfW
LoadStringW
LoadStringA
MessageBoxA
GetFocus
wsprintfA
UnhookWindowsHook
SetCursor
DialogBoxParamW

opengl32

glMapGrid2f
glTexImage2D
glLoadIdentity
glScalef
glMatrixMode
glIsList
glTexParameteri
glTexEnvi
glPixelStorei
glEvalMesh2
glMap2f
glGetIntegerv
glMaterialfv
glMaterialf
glGenLists
glNormal3f
glVertex3f
glViewport
wglMakeCurrent
wglCreateContext
wglDeleteContext
wglGetCurrentDC
glCullFace
glLightfv
glLightModelfv
glEnable
glDepthFunc
glFrontFace
glClearColor
glOrtho
glEndList
glNewList
glRotatef
glPopMatrix
glCallList
glDisable
glTranslatef
glPushMatrix
glClear
glFlush
glEnd
glVertex3fv
glTexCoord2f
glNormal3fv
glBegin

comdlg32

GetOpenFileNameW

glu32

gluScaleImage
gluPerspective

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ffb073ad440801116ed3ab8f1a273454

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

opengl32

comdlg32

glu32

Sections

.text Size: 34KB - Virtual size: 34KB

.data Size: 13KB - Virtual size: 21KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 34KB - Virtual size: 34KB

.data
Size: 13KB - Virtual size: 21KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 4KB