1667898a183d044f04e204d8c521bcd2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1667898a183d044f04e204d8c521bcd2_JaffaCakes118
Size

79KB
MD5

1667898a183d044f04e204d8c521bcd2
SHA1

ed43639871272ce6b340dd054678952cf8f07ce2
SHA256

5c8901b3aec7ed2f34971c9d36204689f9de5f3b51d6675152d93f5bad92cff0
SHA512

04478b1617f5ce2a943995723daa047fb3b83f842722e7eeb98036ccd23675ee1076823feba44bd652476f2129830616522835ca94e6572a7885d75b44738639
SSDEEP

1536:1YN/3UQmgqx78mCBFhtH44k0xMuX+r3WqFvjMnzOXLJ144jCPFDs2MKD:uuUmCvvYR+oGSMnzOXLJ147PFe2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1667898a183d044f04e204d8c521bcd2_JaffaCakes118

Files

1667898a183d044f04e204d8c521bcd2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6f2dc52546bee1723c9033d44c9b2886

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetModuleHandleW
GetEnvironmentVariableW
WideCharToMultiByte
GetProcAddress
InitAtomTable
MapViewOfFileEx
GetProcessVersion
GetDriveTypeW
WriteProfileSectionW
GetDiskFreeSpaceExW
SetEvent
ExitProcess
LoadLibraryA
UpdateResourceA
GetStartupInfoA
GetSystemTimeAsFileTime
GetModuleHandleA
WritePrivateProfileStructW
VirtualProtect
CreateFileA
FindVolumeMountPointClose
GetUserDefaultUILanguage
FindResourceW
GetProfileStringW
VirtualAlloc

msvcrt

memcpy
_ismbclower
_wexecl
ispunct
_CxxThrowException
__p___argv
printf
_CItanh
is_wctype
memset
__unDName
_atoi64

user32

LoadImageW
SetCursor
CheckMenuRadioItem
RemoveMenu
GetKeyState
ModifyMenuW
GetWindowTextLengthW
EmptyClipboard
SetWindowTextW
RealChildWindowFromPoint
SetFocus
GetMessageExtraInfo
GetDC
GetAncestor
PrivateExtractIconsA
SetWindowLongW
LoadStringA
EnumDesktopWindows
GetMessageW
CreateWindowExW

opengl32

glTexCoord4i
glTexCoord4sv
glColor3d
glPopName
glTexImage1D
glReadBuffer
glCallLists
glEvalCoord2d
glColor3ui
glVertex3f

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sp
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sp0
Size: 1024B - Virtual size: 537B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sp1
Size: 512B - Virtual size: 22B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sp2
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sp3
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f2dc52546bee1723c9033d44c9b2886

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

opengl32

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 612B

.sp Size: 512B - Virtual size: 115B

.sp0 Size: 1024B - Virtual size: 537B

.sp1 Size: 512B - Virtual size: 22B

.sp2 Size: 512B - Virtual size: 69B

.sp3 Size: 512B - Virtual size: 57B

.rsrc Size: 36KB - Virtual size: 35KB

.reloc Size: 512B - Virtual size: 64B

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 612B

.sp
Size: 512B - Virtual size: 115B

.sp0
Size: 1024B - Virtual size: 537B

.sp1
Size: 512B - Virtual size: 22B

.sp2
Size: 512B - Virtual size: 69B

.sp3
Size: 512B - Virtual size: 57B

.rsrc
Size: 36KB - Virtual size: 35KB

.reloc
Size: 512B - Virtual size: 64B