15a58f6351e70dfec90bed2e28d551d2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15a58f6351e70dfec90bed2e28d551d2_JaffaCakes118
Size

160KB
MD5

15a58f6351e70dfec90bed2e28d551d2
SHA1

1bbeb3317d83ad9d5e15ff6da8f9f0a22ed675e9
SHA256

541dea0f38994ab7f9f1fe28db4f84d14a46399601ad4f579892bdbc8637a9b6
SHA512

028f5160bb736d1391fb28f0c7223e1bbc87c0e0de3503a31f8c7f4b2ed746da4cd9832c3cdf9846fdcb0b0523c349b713ed0799dbf792ba11d70e8d3c3b8129
SSDEEP

3072:Oxni/qU6OViC5IpPSAhR+Gq8s9PEyoh/dRDzKzKxJOhT2Nz6:OxniyU6OfINSy+GqpJgDOAJEc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15a58f6351e70dfec90bed2e28d551d2_JaffaCakes118

Files

15a58f6351e70dfec90bed2e28d551d2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6028fc1fcffe3652a210d24ced7950e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glVertex4d
glVertex3fv
glPushName
glIsTexture
glGetTexGeniv
glGetMapfv
glEvalCoord1fv
glRotated
glColor4sv
glLightModeli
wglGetCurrentContext
glRasterPos4fv
glTexCoord4i
glGetTexParameterfv
glColor3ui
glTexCoord1s
glRasterPos2dv
glTexCoord3iv
glRasterPos2f
glLoadName
glEdgeFlag
glGenLists
glCallList
glGetTexGendv
glPopAttrib
glTexImage1D
glIndexdv
glAlphaFunc
glDisable
glColorMask
glTexCoord4f
glLightModelf
glGetTexLevelParameterfv
glTexGenf
glNormal3sv
glAreTexturesResident
glCopyPixels
glTexCoord2fv
glGetDoublev
glPushAttrib
glMap1f
glVertex3sv
glPolygonStipple
glMapGrid1f
wglUseFontOutlinesW
glTexCoord2dv
glColor4s
glInitNames
glReadPixels
glRasterPos3i
glIndexd
glTexCoord3d
glGetLightiv
glColor3b
wglShareLists
glLightModelfv
glRasterPos4sv
glTexCoord2sv
glPixelMapusv
glTexCoord3f
glFinish
wglSetLayerPaletteEntries
glTexGendv
glIsList
wglRealizeLayerPalette
glArrayElement
glColor4usv
glRects
glVertex3dv
glMapGrid2d
glDeleteTextures
glIndexsv
glPushClientAttrib
glTexCoord3i
glTexCoord1sv
glTexCoord2i
glScalef
glClear
glTexCoord1f
glTexCoord4fv
glMaterialfv
glColorMaterial
glDrawPixels
glDrawBuffer
glNewList
glPolygonMode

sqlunirl

_SHBrowseForFolder_@4
_PolyTextOut_@12
_IsCharAlphaNumeric_@4
_EnumDisplaySettings_@12
_CopyMetaFile_@8
_PostMessage@16
_GetCharWidth_@16
_RegQueryValue_@16
_CreatePropertySheetPage_@4
__hwrite_@12
_DeleteFile@4
_SetEnvironmentVariable_@8
_CallMsgFilter_@8
_tfopen
_QueryServiceConfig_@16
_DefFrameProc_@20
_CreateService_@52
__lcreat_@8
_BuildCommDCB_@8
_GetBinaryType_@8
_GetServiceDisplayName_@16
_EnumICMProfiles_@12
_AccessCheckAndAuditAlarm_@44
_LogonUser_@24
_DefDlgProc_@16
_GetCharacterPlacement_@24
_NDdeShareDel_@12
_GetCompressedFileSize_@8
_NDdeIsValidShareName_@4
_GetLogColorSpace_@12
_CreateProcess_@40
_SendMessageCallback_@24
_InsertMenuItem_@16
_EnumResourceTypes_@12
_EnumResourceLanguages_@20
_CommDlg_OpenSave_GetSpec@12
_GetProp@8
_GetDriveType_@4
_CreateDC_@16

mprddm

DDMRegisterConnectionNotification
RasAcctProviderTerminate
DDMServiceInitialize
IfObjectNotifyOfReachabilityChange
IfObjectSetDialoutHoursRestriction
DDMAdminInterfaceDisconnect
DDMAdminConnectionEnum
DDMConnectInterface
RasAcctProviderInitialize
DDMAdminPortGetInfo
DDMAdminConnectionGetInfo
DDMAdminPortReset
DDMDisconnectInterface
RasAuthConfigChangeNotification
RasAcctConfigChangeNotification
DDMAdminConnectionClearStats
DDMAdminPortDisconnect
DDMTransportCreate
RasAuthProviderTerminate
DDMGetIdentityAttributes
RasAuthProviderFreeAttributes
RasAcctProviderFreeAttributes
RasAuthProviderInitialize
RasAcctProviderInterimAccounting
DDMAdminPortClearStats
DDMSendUserMessage
IfObjectInitiatePersistentConnections
DDMServicePostListens
RasAuthProviderAuthenticateUser
RasAcctProviderStartAccounting
IfObjectLoadPhonebookInfo
RasAcctProviderStopAccounting
DDMAdminInterfaceConnect
DDMAdminServerGetInfo
DDMAdminPortEnum

kernel32

FileTimeToSystemTime
GetConsoleScreenBufferInfo
WriteProfileSectionA
InvalidateConsoleDIBits
TlsGetValue
SetDefaultCommConfigA
TryEnterCriticalSection
GlobalAlloc
ConvertDefaultLocale
OpenMutexA
FindFirstVolumeA
IsBadHugeReadPtr
CreateFileMappingW
OpenFileMappingA
SetConsoleIcon
WaitForSingleObject
GetVolumePathNameW
SetFileApisToOEM
GetConsoleAliasA
InterlockedDecrement
CloseConsoleHandle
DebugBreak
SetFilePointer
GetModuleHandleA
EnumCalendarInfoExW
SwitchToFiber
FindFirstVolumeMountPointW
SetUserGeoID
SetComputerNameExA
GetCPInfoExA
GetCommConfig
UnregisterWait
GetCommProperties
GetProfileStringW
WaitNamedPipeA
QueryDosDeviceW
GetModuleFileNameA
GetCurrentThread
WriteFile
LoadLibraryA
UnhandledExceptionFilter
ReadFile
VirtualAlloc
GetDiskFreeSpaceA
PeekNamedPipe
FindResourceExA
InterlockedExchange
GetUserGeoID
GetUserDefaultLCID

msvcrt40

_ismbbgraph
_mbctombb
_CIlog10
?endl@@YAAAVostream@@AAV1@@Z
_mbsncmp
_sys_nerr
__lconv_init
??_8istream_withassign@@7B@
_rmtmp
strtol
ctime
?gcount@istream@@QBEHXZ
rename
?fill@ios@@QBEDXZ
??0fstream@@QAE@PBDHH@Z
_setjmp
?unlock@ios@@QAAXXZ
__threadhandle
_outp
?set_unexpected@@YAP6AXXZP6AXXZ@Z
getwchar
atexit
setlocale
_loaddll
?unlockbuf@ios@@QAAXXZ
_wfindnext
?getint@istream@@AAEHPAD@Z
isupper
_mbsnccnt
_local_unwind2
_swab
_spawnv
_wfopen
?get@istream@@QAEAAV1@AAC@Z
fscanf
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
??0istream_withassign@@QAE@PAVstreambuf@@@Z
??6ostream@@QAEAAV0@PBD@Z

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6028fc1fcffe3652a210d24ced7950e0

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

sqlunirl

mprddm

kernel32

msvcrt40

Sections

.text Size: 49KB - Virtual size: 49KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 80KB - Virtual size: 203KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 908B

.text
Size: 49KB - Virtual size: 49KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 80KB - Virtual size: 203KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 908B