5a3d552210886bfe9994577940c22456_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5a3d552210886bfe9994577940c22456_JaffaCakes118
Size

23KB
MD5

5a3d552210886bfe9994577940c22456
SHA1

f15c043eb8aa32d25344a7debdf758adf4f95b86
SHA256

02b7e38dedfbfa23fb75da8ecc24512cb4853560ad3aea4a2bdb2b05e5198af7
SHA512

a560b1e209e131dc1414b1c020287cf149a2b98e4bb375c033bbac291aab583ea028eb4503e60e5bae2ec7b36813dbae8203bc66d5f67a23dd223a78170fdc27
SSDEEP

384:K9NJFWZzvu17a4bRDLg12CiEbj41gbMQJASzdp553B3B3B3dNoK:K9N7WdOamRHgxSVQ9D55RRRZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a3d552210886bfe9994577940c22456_JaffaCakes118

Files

5a3d552210886bfe9994577940c22456_JaffaCakes118
.exe windows:5 windows x86 arch:x86

73cf65da08559e404a31746ffa4af31d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

wglUseFontOutlinesA
glCopyTexSubImage2D
glColor4ubv
glEvalCoord2fv
glTexSubImage1D
glGetMaterialfv
glFlush
glColor3iv
glIndexs
wglMakeCurrent
glMatrixMode
glListBase
wglGetDefaultProcAddress
wglShareLists
glTexCoord1iv
glPopAttrib
glLoadMatrixf
glNormalPointer

kernel32

GetTickCount
GetCurrentThreadId
GetCurrentProcessId
VerSetConditionMask
VirtualAlloc
GetCurrentProcess
SetInformationJobObject
GetVolumeNameForVolumeMountPointA
QueryPerformanceCounter
Module32First
GetTimeFormatW
ReadFile
FindClose
CreateMemoryResourceNotification
Toolhelp32ReadProcessMemory
ExpungeConsoleCommandHistoryA
GetConsoleFontInfo
UnmapViewOfFile
EnumerateLocalComputerNamesA

ntdll

RtlUnhandledExceptionFilter2
RtlSetDaclSecurityDescriptor
RtlLengthSid
RtlDeactivateActivationContextUnsafeFast
bsearch
ZwDelayExecution
NtSetInformationKey
RtlValidateHeap
ZwReadRequestData
NtContinue
iswlower
isprint
RtlDeNormalizeProcessParams
RtlDestroyProcessParameters
_i64toa

dxtmsft

DllRegisterServer
DllEnumClassObjects
DllCanUnloadNow
DllGetClassObject
DllUnregisterServer

user32

CopyImage
DlgDirSelectComboBoxExW
GetClipboardFormatNameW
SetMenu
IsCharAlphaNumericA
GetParent
HiliteMenuItem
SetUserObjectInformationA
CharPrevExA
BeginDeferWindowPos
UserLpkPSMTextOut
DrawCaption
GetCursorPos
AttachThreadInput
WinHelpW

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 645B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73cf65da08559e404a31746ffa4af31d

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

kernel32

ntdll

dxtmsft

user32

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 1024B - Virtual size: 645B

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 1024B - Virtual size: 645B

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB