333d342aa3b4112ab5642e403cdbdf26_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

333d342aa3b4112ab5642e403cdbdf26_JaffaCakes118
Size

136KB
MD5

333d342aa3b4112ab5642e403cdbdf26
SHA1

e14c582f4ee28b908003221875896039a463d2f5
SHA256

c0f9f2d0b8bfbee08d2bcdf04be3320fadde239762641be6dbedc4e2f7d05717
SHA512

449460eae1b9a654e4c60d8d321dfca9f0a262b76750574afa4c581d51c842ad9506fc9378f6d1b8e3d9f52ce04960734be0210776f4d07ee323682393c92a40
SSDEEP

3072:D9JL9QMCB4fnVNQ3wlpwV0er0afKcP1zrp3PXsHYr:DWMCetPpwV0i0CP9rp3PcHY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
333d342aa3b4112ab5642e403cdbdf26_JaffaCakes118

Files

333d342aa3b4112ab5642e403cdbdf26_JaffaCakes118
.dll windows:5 windows x86 arch:x86

da800435f81e3a2bb12cada4fcea73c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteTimerQueue
VirtualAlloc
ConvertDefaultLocale
VirtualFree
_lclose
GetStringTypeW
FreeLibrary
HeapAlloc
lstrlenA
ExitThread
ConvertFiberToThread
FindFirstFileW
VirtualProtect
LoadLibraryW
WriteConsoleW
GetWindowsDirectoryA
GetCurrentProcess
GetModuleHandleA
OutputDebugStringA
GetLastError
GetProcAddress

msvcrt

__p__fmode
__p__commode
__initenv
_c_exit
_exit
_purecall
isprint
wcslen
_controlfp
swprintf
_wtol
_wcmdln
_cexit
wcscat
wcscmp
__winitenv
_iob
_vsnprintf
swscanf
free
__CxxFrameHandler
_ftol
iswcntrl
strncpy
wcschr
_except_handler3
memcpy
malloc
_adjust_fdiv
wcscpy
__dllonexit
_snwprintf

user32

GetProcessWindowStation
ClientToScreen
CopyRect
DialogBoxParamA
ReleaseCapture
LoadImageW
GetCursorPos
LoadCursorW
UnregisterClassW
CheckDlgButton
GetParent
ScreenToClient
SetCapture
BeginPaint
RegisterClassA
ReleaseDC
IsWindow
DispatchMessageW
DestroyWindow
wsprintfW
GetMenuItemCount
LoadMenuW
SendMessageW
SendMessageA
MapWindowPoints
LoadCursorA
SetScrollPos

gdi32

Rectangle
CreateFontIndirectW
TranslateCharsetInfo
StretchBlt
SetBkMode
PatBlt
SetTextColor
RestoreDC
CreateCompatibleDC
CreateBitmap

opengl32

glColor4f
glFogfv
wglShareLists
glColor4i
glColor3ui
glColor4d
glTexCoord2dv
glStencilMask
glTexCoord2d
GlmfBeginGlsBlock

Exports

Exports

MbmUbbkdurQicmn
TfbufkePmbyvqk
ZwPszbjiePisetg

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da800435f81e3a2bb12cada4fcea73c1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.crt Size: 512B - Virtual size: 17B

.edata Size: 512B - Virtual size: 124B

.data Size: 55KB - Virtual size: 54KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 512B - Virtual size: 104B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.crt
Size: 512B - Virtual size: 17B

.edata
Size: 512B - Virtual size: 124B

.data
Size: 55KB - Virtual size: 54KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 512B - Virtual size: 104B