5e9ea0005be8594c73a88f82ac79f1f4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5e9ea0005be8594c73a88f82ac79f1f4_JaffaCakes118
Size

119KB
MD5

5e9ea0005be8594c73a88f82ac79f1f4
SHA1

803ba9fa1ce5ab7ec2a9feddd6716b2b540b5249
SHA256

322353004b7df06b9d833d9987fdb1683c588c51bdc4b13776ec5181962b6ce5
SHA512

f40c84fbd152cfcb8f1c9d62e4ab5f7a68b9b1ee10ff7a4618c169e5b0e03470864ec211d5b20b47f8aed278fd46ec52ac4ed4e4e07bc40e4b229c3b7c218fff
SSDEEP

3072:E6r3KSBhPpuSvgkEVCO4i7Pqb394K8B6Unq9xip7:BrfT5vlO4xb394Kl/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e9ea0005be8594c73a88f82ac79f1f4_JaffaCakes118

Files

5e9ea0005be8594c73a88f82ac79f1f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

187c70f0d762b1276768c11331173463

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualProtect
GetWindowsDirectoryA
_lclose
FreeLibrary
HeapAlloc
ExitThread
FindFirstFileW
GetLastError
GetStringTypeW
WriteConsoleW
CallNamedPipeW
OutputDebugStringA
GetCurrentProcess
CallNamedPipeA
GetProcAddress
GetModuleHandleA
CreateHardLinkA
VirtualAlloc
LoadLibraryW
DeleteAtom
lstrlenA

msvcrt

_exit
_iob
_except_handler3
strncpy
_wtol
swprintf
wcscat
_purecall
_controlfp
_vsnprintf
_snwprintf
isalpha
wcscpy
isdigit
__initenv
__CxxFrameHandler
wcscmp
_ftol
_c_exit
__dllonexit
_wcmdln
malloc
swscanf
wcschr
__p__fmode
_adjust_fdiv
free
__winitenv
memcpy
_cexit
__p__commode
wcslen

user32

GetProcessWindowStation
ReleaseDC
LoadImageW
GetCursorPos
MapWindowPoints
CopyRect
SetCapture
DispatchMessageW
LoadCursorW
DestroyWindow
SetScrollPos
DialogBoxParamA
RegisterClassA
GetParent
LoadCursorA
wsprintfW
SendMessageA
ClientToScreen
LoadMenuW
ReleaseCapture
CheckDlgButton
BeginPaint
ScreenToClient
IsWindow
SendMessageW
GetMenuItemCount
UnregisterClassW

shell32

SHGetFolderPathW
SHGetFileInfoW
SHGetPathFromIDListW
ShellExecuteW

opengl32

wglShareLists
glColor4i
glTexCoord2d
GlmfBeginGlsBlock
glColor4f
glColor3ui
glColor4d
glStencilMask
glFogfv
glTexCoord2dv

Exports

Exports

KmmbTobyhhTytqsGf
BxsUoytkpPsl
TanudMqnek

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

187c70f0d762b1276768c11331173463

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

shell32

opengl32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 124B

.data Size: 68KB - Virtual size: 67KB

.rsrc Size: 31KB - Virtual size: 31KB

.reloc Size: 512B - Virtual size: 102B

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 124B

.data
Size: 68KB - Virtual size: 67KB

.rsrc
Size: 31KB - Virtual size: 31KB

.reloc
Size: 512B - Virtual size: 102B