6372464f099d33f2e7b2fc0387d881aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6372464f099d33f2e7b2fc0387d881aa_JaffaCakes118
Size

120KB
MD5

6372464f099d33f2e7b2fc0387d881aa
SHA1

010c9b65b6b2e830396a8d117b409df24f03d168
SHA256

1812350bdcda1ded5cbba4ab093063b3a286774df5e835f49c6451258149e523
SHA512

0b2c8eb15157def1fc49b5db95564657b33c0f8a3752789f7dac8998cda8d16f9d0b0a5b38896b1dfd2adcd7e26273646373c3a035806caf2b907ea10236bf9c
SSDEEP

3072:F0RWrcw4uOcgd1N0YqTIdWYZR1EODa0gA8xETQusHBY:F0hxrtR1nG6TQlY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6372464f099d33f2e7b2fc0387d881aa_JaffaCakes118

Files

6372464f099d33f2e7b2fc0387d881aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b472a5f3b2c34ca910b1edf9117491db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
_lclose
FreeLibrary
GetWindowsDirectoryA
GetStringTypeW
WriteConsoleW
HeapAlloc
FindFirstFileW
lstrlenA

msvcrt

wcscat
__p__commode
swprintf
_except_handler3
__winitenv
__p__fmode
wcschr
_purecall
_controlfp
_cexit
_wcmdln
free
__initenv
__CxxFrameHandler
malloc
_snwprintf
_ftol
_iob
_vsnprintf
wcscmp
swscanf
_adjust_fdiv
wcslen
_exit
strncpy
_wtol
wcscpy
_c_exit
__dllonexit

user32

DispatchMessageW
ScreenToClient
LoadImageW
GetProcessWindowStation
GetParent
SendMessageA
wsprintfW
SetCapture
CopyRect
GetCursorPos
ReleaseDC
LoadMenuW
GetMenuItemCount
MapWindowPoints
DestroyWindow
ReleaseCapture
SendMessageW
RegisterClassA
SetScrollPos
DialogBoxParamA
LoadCursorA
ClientToScreen
IsWindow
BeginPaint
UnregisterClassW
CheckDlgButton
LoadCursorW

shell32

ShellExecuteW
SHGetPathFromIDListW
SHGetFolderPathW
SHGetFileInfoW

opengl32

glStencilMask
glColor4f
glTexCoord2dv
glColor4i
glFogfv
glColor4d
GlmfBeginGlsBlock
glTexCoord2d
wglShareLists
glColor3ui

Exports

Exports

KmmbTobyhhTytqsGf
BxsUoytkpPsl
TanudMqnek

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b472a5f3b2c34ca910b1edf9117491db

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

shell32

opengl32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 124B

.crt Size: 512B - Virtual size: 17B

.data Size: 69KB - Virtual size: 69KB

.rsrc Size: 32KB - Virtual size: 31KB

.reloc Size: 512B - Virtual size: 30B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 124B

.crt
Size: 512B - Virtual size: 17B

.data
Size: 69KB - Virtual size: 69KB

.rsrc
Size: 32KB - Virtual size: 31KB

.reloc
Size: 512B - Virtual size: 30B