60b444dfa546a2a7c38127a82f84d392_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

60b444dfa546a2a7c38127a82f84d392_JaffaCakes118
Size

80KB
MD5

60b444dfa546a2a7c38127a82f84d392
SHA1

39dd5f21931116d2b8cc4d0858baa75cdf761f74
SHA256

903cf545efb48262d9c0a38e87c1034e1ec7ef481f425d5a46d03726df4178b1
SHA512

10e508337f281a05939a1f60af891c5f25030a5c42fc586bc47f0107456d81e41c84fba58b775196b9e5e9f241d449c38341e9da8ba9a65f2dbb75c5970e7735
SSDEEP

1536:swF5HM7UgHi8KpTP+1P++xLF0nvwBWi7VrAabNX/KvpWDA9r5FjDf2+WWVRgGTEb:boi9pePnxL2v1OOaN/w8AxLDgB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60b444dfa546a2a7c38127a82f84d392_JaffaCakes118

Files

60b444dfa546a2a7c38127a82f84d392_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c66efe1ccbbf34c964e0d02bc42fa271

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MapViewOfFileEx
CreateHardLinkW
FindAtomA
FlushFileBuffers
LoadLibraryA
IsDBCSLeadByte
SetProcessWorkingSetSize
SetFileTime
FlushViewOfFile
GetLastError
GetProcAddress
GetModuleHandleA
GetModuleHandleW
ExitThread
MoveFileWithProgressA
VirtualAlloc
ExitProcess
VirtualProtect
TerminateJobObject
CreatePipe

msvcrt

acos
_mbsncoll
_pipe
memset
ispunct
memcpy
_osplatform
realloc
is_wctype

user32

DialogBoxParamW
PrivateExtractIconsA
DrawTextW
LoadStringA
ShowWindow
GetProcessDefaultLayout
SetFocus
ModifyMenuW
DefWindowProcW
GetClientRect
SetWindowLongW
GetWindowLongW
SetDlgItemTextW
GetMenu
GetWindowTextLengthW
EqualRect
AppendMenuW
SetCursor
TrackPopupMenu
RealChildWindowFromPoint

gdi32

CreateFontIndirectW
CreateDIBSection
DeleteObject
GetCurrentObject
SetPaletteEntries
GetBrushOrgEx
CreateSolidBrush
SetRectRgn
GetStockObject
CombineRgn
GetTextFaceW

opengl32

glNormal3sv
glInitNames
glTexEnviv
wglGetCurrentDC
glEnableClientState
glTexCoord1i
glNormal3d
glDrawBuffer
glNormal3dv
glColor4fv
glTranslatef
glGetTexLevelParameteriv
glTexCoord1d

Exports

Exports

FzfwdzaNus
SwFcomllnJrjlOw
Jcbxnyi
EbkcfeeUplrfFubqVx

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xpi
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ixp
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pixi
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c66efe1ccbbf34c964e0d02bc42fa271

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 4KB

.xpi Size: 1024B - Virtual size: 644B

.ixp Size: 512B - Virtual size: 17B

.pixi Size: 1024B - Virtual size: 836B

.rsrc Size: 65KB - Virtual size: 65KB

.reloc Size: 512B - Virtual size: 62B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 4KB

.xpi
Size: 1024B - Virtual size: 644B

.ixp
Size: 512B - Virtual size: 17B

.pixi
Size: 1024B - Virtual size: 836B

.rsrc
Size: 65KB - Virtual size: 65KB

.reloc
Size: 512B - Virtual size: 62B