60649693bb17635db9035879be0f8a95_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

60649693bb17635db9035879be0f8a95_JaffaCakes118
Size

126KB
MD5

60649693bb17635db9035879be0f8a95
SHA1

79fd18fa6d5626af613c32b30c6d11bce8c703e0
SHA256

e66a2749ecf6a1e348083fbd625dab9400eaf7134ab62bbbdf31d9a97fea264e
SHA512

cf60622a2fdf875ae7822a18d79cf0fdf5e7064fefae8cae52d8c4cf8976d8da6d74300f615588003aaae619ee98cd9cf333e69565efca6fbc27688067578956
SSDEEP

3072:1MWwlz0UPjJ15AZPcg5rZIMBHju2LXf20:SLJAZPZZR/LX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60649693bb17635db9035879be0f8a95_JaffaCakes118

Files

60649693bb17635db9035879be0f8a95_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9a9a54d67d850018821cfcfda86e69a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

glu32

gluQuadricDrawStyle
gluBeginSurface
gluPwlCurve
gluPartialDisk
gluProject
gluNewNurbsRenderer
gluNewQuadric
gluEndTrim
gluLoadSamplingMatrices
gluEndCurve
gluNewTess
gluEndPolygon
gluBeginCurve
gluPerspective
gluQuadricCallback
gluTessProperty
gluPickMatrix
gluTessCallback
gluTessVertex
gluOrtho2D

kernel32

UnhandledExceptionFilter
GetVDMCurrentDirectories
DefineDosDeviceW
FindFirstVolumeMountPointW
EnumCalendarInfoW
_lclose
SetFileShortNameA
SetProcessAffinityMask
QueryInformationJobObject
GetConsoleAliasesLengthW
GlobalAddAtomW
RemoveDirectoryA
Thread32First
EnumSystemLocalesW
AttachConsole
LZSeek
WaitNamedPipeA
GetLocaleInfoW
SetProcessPriorityBoost
SetConsoleCursor
GlobalFindAtomA
GetFileSizeEx
CreateMutexA
ExitProcess
GetCurrentConsoleFont
LoadLibraryA
VirtualAlloc
lstrcpynW

shlwapi

PathGetCharTypeA
StrRChrIA
StrRChrA
ChrCmpIA
StrFormatByteSizeA
SHRegGetBoolUSValueW
PathMatchSpecW
StrStrIA
PathStripPathW
PathStripPathA
PathFindOnPathA
PathIsUNCServerShareA
UrlGetPartA
UrlHashA
PathCompactPathA
PathIsLFNFileSpecW
StrStrA
IntlStrEqWorkerW
StrChrA
UrlCombineA
StrDupA
SHEnumValueA

crtdll

_ismbbkalnum
_aexit_rtn_dll
cosh
_stricmp
_loaddll
_ultoa
_hypot
_mbsnbicmp
asctime
free
wcscat
strcspn
_rotr
_tzname
_mbstrlen
_y0
ldexp
_makepath
_dup2
_splitpath
_purecall
__iscsymf
_itow
strpbrk

mapistub

MAPIAdminProfiles
ScMAPIXFromCMC
MAPIAddress
MAPILogoff
__ValidateParameters@8
__CPPValidateParameters@8
cmc_logoff
MAPIReadMail
UNKOBJ_ScAllocateMore@16
MAPIInitialize@4
IsBadBoundedStringPtr@8
FDecodeID@12
MAPIAllocateMore@12
LpValFindProp@12
MNLS_IsBadStringPtrW@8
MAPIOpenLocalFormContainer
CchOfEncoding@4
ScGenerateMuid@4
FBadProp@4
MAPIUninitialize@0
MNLS_lstrcpyW@8
MAPIAllocateBuffer@8

mapi32

ScBinFromHexBounded@12
UNKOBJ_Free@8
HrAddColumnsEx@20
FBadSortOrderSet@4
FGetComponentPath
ScCountNotifications@12
HrGetOmiProvidersFlags@8
MAPIFindNext
HrSetOmiProvidersFlagsInvalid
OpenStreamOnFile@24
MAPIOpenLocalFormContainer@4
FBadRow@4
FtDivFtBogus@20
GetAttribIMsgOnIStg@12
ScLocalPathFromUNC@12
ChangeIdleRoutine@28
CchOfEncoding@4
UlAddRef@4
MNLS_CompareStringW@24

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a9a54d67d850018821cfcfda86e69a1

Headers

DLL Characteristics

File Characteristics

Imports

glu32

kernel32

shlwapi

crtdll

mapistub

mapi32

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 78KB - Virtual size: 198KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 316B

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 78KB - Virtual size: 198KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 316B