4506f063cbb855b9d0e619f0de11848f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4506f063cbb855b9d0e619f0de11848f_JaffaCakes118
Size

122KB
MD5

4506f063cbb855b9d0e619f0de11848f
SHA1

78d816866905671ecfe39cd4cf1309330d3f8fe6
SHA256

e435312402b584c2b271354979704f9ec4372797a7cf750e502c7099c19131de
SHA512

b3f3b328926359afef7e5bb359b3243e4c801fa8cb392453c692bec3523612073993f1c8459f6e25c1bba8f8780691fd31930a534e6e6e4e3443a73ffcbe990f
SSDEEP

3072:s69TGrMSXU1F1acfUgqOk7gXAR+1rPm73Ac7BPi:Z9qrMSiVfUBN+ARur+73AEBP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4506f063cbb855b9d0e619f0de11848f_JaffaCakes118

Files

4506f063cbb855b9d0e619f0de11848f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

532ae199c676e5929e397e2f47e14456

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteAtom
_lclose
CancelTimerQueueTimer
GetProcAddress
LoadLibraryW
ExitThread
CreateIoCompletionPort
GetLastError
HeapAlloc
VirtualFree
lstrlenA
VirtualProtect
WriteConsoleW
GetStringTypeW
CancelWaitableTimer
FreeLibrary
VirtualAlloc
GetModuleHandleA
GetWindowsDirectoryA
FindFirstFileW
GetCurrentProcess

msvcrt

_ftol
_snwprintf
wcscpy
__winitenv
_wcmdln
swscanf
_except_handler3
__p__fmode
_iob
wcscmp
__initenv
_exit
memcpy
_cexit
strncpy
wcschr
free
_purecall
wcslen
__p__commode
_controlfp
isgraph
__CxxFrameHandler
swprintf
_adjust_fdiv
_c_exit
_wtol
malloc
wcscat
_vsnprintf
__dllonexit

user32

SendMessageA
LoadImageW
CopyRect
ReleaseDC
GetCursorPos
CheckDlgButton
GetProcessWindowStation
RegisterClassA
BeginPaint
ScreenToClient
ReleaseCapture
SetCapture
UnregisterClassW
SendMessageW
LoadMenuW
SetScrollPos
LoadCursorA
DialogBoxParamA
DestroyWindow
wsprintfW
IsWindow
GetParent
DispatchMessageW
MapWindowPoints
LoadCursorW
GetMenuItemCount
ClientToScreen

shell32

SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHGetFolderPathW

opengl32

GlmfBeginGlsBlock
glColor3ui
glTexCoord2dv
wglShareLists
glTexCoord2d
glStencilMask
glColor4i
glColor4d
glColor4f
glFogfv

Exports

Exports

KmmbTobyhhTytqsGf
BxsUoytkpPsl
TanudMqnek

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 98B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

532ae199c676e5929e397e2f47e14456

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

shell32

opengl32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 124B

.data Size: 70KB - Virtual size: 69KB

.rsrc Size: 32KB - Virtual size: 31KB

.reloc Size: 512B - Virtual size: 98B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 124B

.data
Size: 70KB - Virtual size: 69KB

.rsrc
Size: 32KB - Virtual size: 31KB

.reloc
Size: 512B - Virtual size: 98B