0622761a5ef9c9e18de8329576288183_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0622761a5ef9c9e18de8329576288183_JaffaCakes118
Size

136KB
MD5

0622761a5ef9c9e18de8329576288183
SHA1

965dca6aca43529b4589e2d7d4347bf81caf3556
SHA256

cf899ba06cac4d7c39fdbeba2ef7af4d447cb51a049dda72bbdea8b7a61dd683
SHA512

96ecb01080b2c9d97dd610c91cb2f53409d5822651a6669f4274d459acceef2dafe0f28a3542bd8745b8820e88188f41876afbc52d479bed4ae9b12f1f8b0d7e
SSDEEP

3072:H92yYnsNSWS1jofwDbeG5y4tWvZ+hux1Em0HPg3eGV:HanWY1jom6hf1WvO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0622761a5ef9c9e18de8329576288183_JaffaCakes118

Files

0622761a5ef9c9e18de8329576288183_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c941c9486a1aaf289e46e9fe46962689

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
ContinueDebugEvent
HeapAlloc
GetStringTypeW
LoadLibraryW
GetLastError
GetWindowsDirectoryA
ConsoleMenuControl
GetModuleHandleA
VirtualProtect
DeleteTimerQueue
lstrlenA
GetProcAddress
_lclose
VirtualFree
VirtualAlloc
GetCurrentProcess
FreeLibrary
ExitThread
FindFirstFileW
OutputDebugStringA

msvcrt

__initenv
_wcmdln
_vsnprintf
wcschr
wcscpy
swprintf
isprint
_c_exit
_cexit
_ftol
__p__commode
wcscat
wcslen
_iob
_adjust_fdiv
__winitenv
_exit
memcpy
free
_controlfp
malloc
strncpy
__p__fmode
_except_handler3
__CxxFrameHandler
_wtol
iswalpha
wcscmp
_snwprintf
_purecall
swscanf
__dllonexit

user32

LoadCursorA
SendMessageW
ReleaseCapture
LoadImageW
ClientToScreen
SetScrollPos
DialogBoxParamA
ReleaseDC
GetParent
GetCursorPos
BeginPaint
CopyRect
ScreenToClient
GetProcessWindowStation
UnregisterClassW
LoadCursorW
DestroyWindow
IsWindow
wsprintfW
SendMessageA
DispatchMessageW
CheckDlgButton
LoadMenuW
RegisterClassA
GetMenuItemCount
MapWindowPoints
SetCapture

gdi32

StretchBlt
TranslateCharsetInfo
CreateBitmap
SetBkMode
CreateFontIndirectW
SetTextColor
PatBlt
RestoreDC
Rectangle
CreateCompatibleDC

opengl32

glColor4d
glColor3ui
glColor4f
GlmfBeginGlsBlock
glFogfv
glTexCoord2dv
wglShareLists
glStencilMask
glColor4i
glTexCoord2d

Exports

Exports

MbmUbbkdurQicmn
TfbufkePmbyvqk
ZwPszbjiePisetg

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c941c9486a1aaf289e46e9fe46962689

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.crt Size: 512B - Virtual size: 17B

.edata Size: 512B - Virtual size: 124B

.data Size: 55KB - Virtual size: 54KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 512B - Virtual size: 88B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.crt
Size: 512B - Virtual size: 17B

.edata
Size: 512B - Virtual size: 124B

.data
Size: 55KB - Virtual size: 54KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 512B - Virtual size: 88B