2758b1f99a58cb04921b42f02ce78466_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2758b1f99a58cb04921b42f02ce78466_JaffaCakes118
Size

79KB
MD5

2758b1f99a58cb04921b42f02ce78466
SHA1

ddf4235229f69491300d2dd88af66df5edd129c6
SHA256

492d4eddf623cd0942bdf7926884ca81225ecf5e741d2e62907c170812136b3a
SHA512

857ff95e8ad258c271d337b74fcc4f16c8c21c32d0866cf7cb50ec49eb2ac71d328db7bc0e0a8d514e93f12192f2b716187c13f3cc3cc1e21b1a13ea112c2dcf
SSDEEP

1536:+pnyqxJrfylJzphkVFo8bIw1wE/KOlXrEnB2KMYW00HE5HoOXnNc1k:+yqvT6pDwrt1EOl1SW00khL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2758b1f99a58cb04921b42f02ce78466_JaffaCakes118

Files

2758b1f99a58cb04921b42f02ce78466_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e677621ffb0f022206f38501fec106e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReplaceFileW
SystemTimeToFileTime
LoadLibraryA
EndUpdateResourceA
GetModuleHandleW
FindResourceW
GetProcAddress
MapViewOfFileEx
SetCurrentDirectoryW
WritePrivateProfileSectionW
CreateFileA
Heap32First
GetLastError
TlsGetValue
FindResourceExA
ExitProcess
MoveFileExW
CreateFiber
GetModuleHandleA
OpenEventA
VirtualAlloc
VirtualProtect
GetTimeFormatA

msvcrt

_safe_fprem1
memcpy
isspace
memset
is_wctype
fgetpos
isupper
ispunct
_strdup
_findfirst
??9type_info@@QBEHABV0@@Z
_adj_fdivr_m64
??2@YAPAXI@Z
_fpieee_flt
_execvp
_putenv
_ismbclegal
_findnext
tolower

user32

CopyRect
SetForegroundWindow
GetClassWord
RemoveMenu
DrawTextW
GetPropW
LoadStringA
GetProcessDefaultLayout
GetWindowPlacement
PrivateExtractIconsW
SetWindowLongW
LoadStringW
ModifyMenuW
DispatchMessageW
MonitorFromWindow
GetWindowRect
GetSubMenu

opengl32

glStencilFunc
glTexParameteriv
glColor3i
glDrawArrays
glArrayElement
glLogicOp
wglCreateContext
wglGetDefaultProcAddress
glTexGenf
glMateriali
glVertex3fv
glBegin
glRasterPos2fv

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sp
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sp0
Size: 1024B - Virtual size: 537B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sp1
Size: 512B - Virtual size: 22B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sp2
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sp3
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e677621ffb0f022206f38501fec106e3

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

opengl32

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 1KB

.sp Size: 512B - Virtual size: 115B

.sp0 Size: 1024B - Virtual size: 537B

.sp1 Size: 512B - Virtual size: 22B

.sp2 Size: 512B - Virtual size: 69B

.sp3 Size: 512B - Virtual size: 57B

.rsrc Size: 35KB - Virtual size: 35KB

.reloc Size: 512B - Virtual size: 92B

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 1KB

.sp
Size: 512B - Virtual size: 115B

.sp0
Size: 1024B - Virtual size: 537B

.sp1
Size: 512B - Virtual size: 22B

.sp2
Size: 512B - Virtual size: 69B

.sp3
Size: 512B - Virtual size: 57B

.rsrc
Size: 35KB - Virtual size: 35KB

.reloc
Size: 512B - Virtual size: 92B