09fa8e2316368d3d00ffddac1a120ec2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

09fa8e2316368d3d00ffddac1a120ec2_JaffaCakes118
Size

20KB
MD5

09fa8e2316368d3d00ffddac1a120ec2
SHA1

887f5204d894b3278d16304973d3bd3ddb3f7426
SHA256

0204252b5a6ee98b238b793b9c10ac1e84c2088fec03545a6f272b4ab602de29
SHA512

fb3776bae8b468a7c76451633187f4094673a062cf4af3f3636cc7def52bbf52c7c9908505189466dd02e75bd823235680018ac1de05eefa3b287f6b01e8167d
SSDEEP

384:0s0o0U70QS/UtaNCEUN7onJZqG4iDj/YLm5lphoJTKK:0s0o0UYQS/UUNCvN7on+Qz5foV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09fa8e2316368d3d00ffddac1a120ec2_JaffaCakes118

Files

09fa8e2316368d3d00ffddac1a120ec2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

da330475c11e42acf56dfa6089e07d18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprAdminServerDisconnect
MprAdminInterfaceSetCredentials
MprPortSetUsage
MprAdminMIBServerConnect
MprInfoCreate
MprAdminInterfaceQueryUpdateResult
MprAdminInterfaceTransportRemove
MprGetUsrParams
MprInfoBlockQuerySize
MprAdminDeviceEnum
MprConfigGetFriendlyName
MprConfigServerDisconnect
MprAdminGetPDCServer
MprAdminConnectionClearStats
MprAdminUpgradeUsers

imm32

ImmEscapeW
ImmDestroyIMCC
ImmReSizeIMCC
ImmEnumInputContext
ImmLoadLayout
ImmSetActiveContextConsoleIME
ImmIMPQueryIMEW
ImmCreateIMCC
ImmGetDefaultIMEWnd
ImmSetCompositionWindow
ImmGetCompositionWindow
ImmSetConversionStatus
ImmCallImeConsoleIME
ImmFreeLayout
ImmLockImeDpi

opengl32

glPolygonOffset
glTexCoord1d
wglSetPixelFormat
glRotated
glVertex4s
glColor3f
glTexImage1D
glGetTexEnvfv
glVertex4d
glClearStencil
glRectsv
glLoadIdentity
glNormal3dv
glVertex4f
glColor4dv
glIndexubv
glNormalPointer
glTexCoord1fv
glStencilFunc
glEdgeFlagPointer
wglDescribePixelFormat
glColor4i
glTexCoord4s
glRasterPos3fv
glTexCoord3f
glSelectBuffer
glTexCoord2dv
glDeleteLists
glRectd

kernel32

GetTempFileNameW
SetProcessPriorityBoost
CreateFileMappingA
GetLocalTime
SuspendThread
QueryPerformanceCounter
CommConfigDialogA
GetCurrentThreadId
GetTickCount
EnumSystemLocalesA
IsValidLanguageGroup
GetFileType
PulseEvent
GetCurrentProcessId
GetConsoleCommandHistoryLengthA
EnumSystemGeoID
WinExec
OpenFileMappingA
VirtualAlloc

amstream

DllCanUnloadNow
DllRegisterServer
DllUnregisterServer
DllGetClassObject

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 651B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da330475c11e42acf56dfa6089e07d18

Headers

DLL Characteristics

File Characteristics

Imports

mprapi

imm32

opengl32

kernel32

amstream

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 1024B - Virtual size: 651B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 1024B - Virtual size: 651B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 3KB - Virtual size: 2KB