4be2da13e0be8d1efcc0f2a57922027d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4be2da13e0be8d1efcc0f2a57922027d_JaffaCakes118
Size

100KB
MD5

4be2da13e0be8d1efcc0f2a57922027d
SHA1

595fa7564309548abd82860a7e9a10d580ba3d6a
SHA256

5ef4836eed12a762b536d532a030bffdee1058bad550b150aa2614c3025287b0
SHA512

14cca3e738c6df7a0d4bc0f9e8b914e0f785fb349cfd92f878558e6083878ef28eda88242b0e881cf4ffa462a2f62ff6fda59fd969c95986ddf0c1d5dbde6524
SSDEEP

1536:mDaoDMj7mYXZ5SNwY8670T3p7orDVAyw8ToKYRilRHwbPiDI0LsoF:mDLoTXZ5owY8VcDVAyTTsiLHwriDhz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4be2da13e0be8d1efcc0f2a57922027d_JaffaCakes118

Files

4be2da13e0be8d1efcc0f2a57922027d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e6d1fc8183610aab196a4ce80da415c2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

glu32

gluTessEndPolygon
gluNewNurbsRenderer
gluQuadricNormals
gluCylinder
gluQuadricCallback
gluBeginTrim
gluGetNurbsProperty
gluTessNormal
gluNurbsSurface
gluBuild2DMipmaps
gluEndPolygon
gluEndSurface
gluNurbsCallback
gluGetString
gluPickMatrix
gluScaleImage
gluOrtho2D
gluErrorUnicodeStringEXT
gluBeginCurve
gluBeginPolygon
gluErrorString
gluLookAt
gluProject
gluPerspective
gluUnProject
gluNurbsCurve
gluSphere
gluNewQuadric
gluLoadSamplingMatrices
gluNextContour
gluNurbsProperty
gluQuadricOrientation
gluQuadricTexture
gluDeleteQuadric
gluEndCurve
gluTessBeginPolygon
gluBuild1DMipmaps
gluTessProperty
gluBeginSurface
gluEndTrim
gluPartialDisk

opengl32

glDeleteLists
glDeleteTextures
glGetTexImage
glTexCoord2f
glGetMapdv
glRasterPos4d
glTexCoord2dv
glPassThrough
glCopyTexImage2D
glColor3sv
glRotated
glGetLightfv
wglCopyContext
glRasterPos2iv
glGetTexGenfv
glMap1d
GlmfBeginGlsBlock
wglGetPixelFormat
glGetLightiv
glPopMatrix
glColor4s
glTexCoord3iv
glRasterPos4f
glNormal3dv
glPixelZoom
glRasterPos4s
glMapGrid2f
glGetMaterialiv
glCopyTexImage1D
glRectiv
glScalef
glVertexPointer
glTexCoord3d
glEdgeFlagPointer
glNormal3f
glVertex2s
glEnableClientState
glTranslatef
wglUseFontOutlinesA

kernel32

GetCommConfig
lstrcmpi
TlsGetValue
HeapSize
SetCommState
GetCurrentConsoleFont
RemoveVectoredExceptionHandler
GetConsoleAliasesA
GetConsoleWindow
HeapFree
CreateDirectoryExW
lstrlenW
SetSystemTime
GetTickCount
GetVDMCurrentDirectories
GetStartupInfoW
GlobalSize
SetConsoleOutputCP
SetConsoleNumberOfCommandsA
LoadLibraryA
IsDBCSLeadByteEx
BuildCommDCBA
SetHandleContext
SignalObjectAndWait
WriteProfileStringW
CompareFileTime
RegisterConsoleOS2
FillConsoleOutputAttribute
CreateProcessInternalA
OpenJobObjectA
CreatePipe
MapViewOfFile
GetQueuedCompletionStatus
FindResourceExA
MapUserPhysicalPages
FindFirstVolumeMountPointW
GetPrivateProfileStructW
GetConsoleInputExeNameA
HeapValidate
RtlFillMemory
CloseProfileUserMapping
CreateMailslotW
SetConsoleActiveScreenBuffer
UnregisterWait
_hread
ChangeTimerQueueTimer
CreateJobSet
RtlCaptureStackBackTrace
GetCurrencyFormatW
WriteConsoleA
CreateNamedPipeA
GetProfileStringW
SetTapeParameters
GetModuleHandleW
LockFileEx
MoveFileWithProgressW
EnumDateFormatsA
SetLocaleInfoW
GetConsoleOutputCP
GetVolumePathNamesForVolumeNameA
InitAtomTable
lstrcpyW
OpenWaitableTimerA
DosPathToSessionPathA
BuildCommDCBAndTimeoutsA
VirtualAlloc
UpdateResourceW
GetConsoleAliasExesA
DnsHostnameToComputerNameA

clusapi

RemoveClusterResourceDependency
GetClusterResourceKey
GetClusterGroupKey
RestoreClusterDatabase
SetClusterName
GetClusterInformation
GetClusterNodeId
MoveClusterGroup
DeleteClusterResource
GetClusterFromNetInterface
GetClusterNetInterfaceKey
SetClusterNetworkPriorityOrder
DeleteClusterGroup
ClusterNetworkOpenEnum
OnlineClusterGroup
GetClusterGroupState
CloseClusterGroup
CloseClusterResource
ClusterNodeControl
ClusterRegOpenKey
ClusterRegEnumKey
ClusterNodeEnum
OfflineClusterResource
ClusterGroupGetEnumCount
CloseClusterNetInterface
ClusterResourceTypeOpenEnum
ClusterOpenEnum
GetClusterNetworkState
ClusterGroupCloseEnum
OfflineClusterGroup
GetClusterFromResource
CloseCluster
ClusterRegDeleteKey
EvictClusterNode
GetClusterFromNode
SetClusterNetworkName
RegisterClusterNotify
GetClusterFromNetwork
ClusterRegDeleteValue
GetClusterResourceTypeKey
BackupClusterDatabase
ClusterEnum
ClusterNetworkCloseEnum

olecli32

ObjQueryType
PbCreate
OleCreateLinkFromClip
DefCreateFromClip
OleRename
MfQueryBounds
DefCreateFromFile
ErrClose
OleSetData
GenEnumFormat
DibClone
OleCreateFromTemplate
OleLoadFromStream
OleObjectConvert
SetNetName
OleEnumObjects
BmEnumFormat
ErrShow
LeReconnect
OleExecute
LeEnumFormat
WEP
PbCreateLinkFromClip
MfRelease
PbCreateFromFile
DibEnumFormat
LeExecute
OleRenameClientDoc

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6d1fc8183610aab196a4ce80da415c2

Headers

DLL Characteristics

File Characteristics

Imports

glu32

opengl32

kernel32

clusapi

olecli32

Sections

.text Size: 53KB - Virtual size: 53KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 26KB - Virtual size: 93KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 53KB - Virtual size: 53KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 26KB - Virtual size: 93KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 1024B