663b37488890d343666a7113c51e700c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

663b37488890d343666a7113c51e700c_JaffaCakes118
Size

183KB
MD5

663b37488890d343666a7113c51e700c
SHA1

592b0a6bb5a2c1936f7d1855ba69b6698683e7ca
SHA256

d7b9655ee659e7af8f91e6c114ff6198d54fb0a30d585d8d476441f99af4a2fa
SHA512

293b3e37228d216c367c10b4b5cd038301d0f0d345e14e347bdb88dbf6f1673793510c27096404995f1390bd26a6c9e4254f885624904ae918051501832139d2
SSDEEP

3072:2xyhxdlblJrzxA8BdENZdR3ixp/alfQkasrMQb4VbWc5yQO44i8SAO4BtJV:2Axdl5tzxBENZr3U+Q5Dr5j8SAOg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
663b37488890d343666a7113c51e700c_JaffaCakes118

Files

663b37488890d343666a7113c51e700c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

35b1cc61325fbcd61c3cba2d5e51aa5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

glu32

gluLookAt
gluScaleImage
gluNurbsCallback
gluOrtho2D

kbdsp

KbdLayerDescriptor

msi

MsiPreviewDialogA
MsiProvideComponentFromDescriptorW
MsiSummaryInfoGetPropertyW
MsiEnumPatchesExA
MsiGetProductInfoFromScriptW
MsiPreviewDialogW
MsiApplyPatchA
MsiSetFeatureStateW
MsiMessageBoxW
MsiSetTargetPathW
MsiEnumClientsW
MsiConfigureProductExA
MsiInstallMissingComponentA
MsiSourceListForceResolutionW
MsiMessageBoxA
MsiViewGetColumnInfo
MsiGetDatabaseState
MsiApplyMultiplePatchesA
MsiSourceListClearAllW
MsiRecordGetInteger
MsiGetProductInfoW
MsiGetFileVersionW
MsiSetExternalUIW
MsiGetSourcePathW
DllUnregisterServer
MsiGetFeatureCostA
MsiLocateComponentW
MsiDeterminePatchSequenceA
MsiGetPatchInfoA
MsiGetComponentStateA
MsiVerifyDiskSpace
MsiCreateTransformSummaryInfoA
MsiSummaryInfoSetPropertyW
MsiGetPatchInfoW
MsiCollectUserInfoA
MsiViewFetch
MsiViewClose
MsiDeterminePatchSequenceW

qdvd

DllRegisterServer
DllCanUnloadNow
DllGetClassObject
DllUnregisterServer

avifil32

EditStreamSetInfo
AVIFileOpen

ieakeng

SelectADMItem

kernel32

GetConsoleTitleW
EnumLanguageGroupLocalesA
HeapLock
IsBadHugeWritePtr
UnmapViewOfFile
PrivCopyFileExW
GetConsoleCharType
FindFirstFileA
HeapQueryInformation
FreeLibrary
Process32Next
SetThreadContext
WriteConsoleInputVDMW
GetProcessHeaps
GlobalGetAtomNameW
LocalFileTimeToFileTime
GetConsoleAliasExesLengthW
EnumResourceLanguagesA
GetTickCount
FlushViewOfFile
Heap32ListNext
CopyFileW
EnumSystemLocalesW
GetStringTypeExA
ReadFileEx
WritePrivateProfileStructA
GetConsoleAliasExesLengthA
GetFileSizeEx
lstrcpyA
GetConsoleCursorMode
GetFileInformationByHandle
SetCommConfig
IsDBCSLeadByteEx
ReadConsoleOutputW
EnumSystemLanguageGroupsW
GetUserDefaultLCID
GetThreadLocale
SetCurrentDirectoryA
GetProfileIntW
GetSystemDefaultLCID
DnsHostnameToComputerNameW
GetLastError
GetProcessVersion
CancelIo
DebugActiveProcess
SearchPathA
CreateDirectoryA
ExitProcess
SetCriticalSectionSpinCount
HeapCompact
CreateNamedPipeA
SetCalendarInfoW
GetThreadSelectorEntry
WriteFile
VirtualAlloc
_lclose
LocalHandle
ShowConsoleCursor
GlobalUnlock

msvbvm60

__vbaUI1I4
__vbaCyFix
_CIsqrt
__vbaLdZeroAry

kbdla

KbdLayerDescriptor

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 800KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

35b1cc61325fbcd61c3cba2d5e51aa5d

Headers

File Characteristics

Imports

glu32

kbdsp

msi

qdvd

avifil32

ieakeng

kernel32

msvbvm60

kbdla

Sections

.text Size: 180KB - Virtual size: 180KB

.rdata Size: 512B - Virtual size: 4B

.rsrc Size: 1024B - Virtual size: 820B

.data Size: - Virtual size: 800KB

.text
Size: 180KB - Virtual size: 180KB

.rdata
Size: 512B - Virtual size: 4B

.rsrc
Size: 1024B - Virtual size: 820B

.data
Size: - Virtual size: 800KB