67e8375eb10080978e1337f3b667a2b3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

67e8375eb10080978e1337f3b667a2b3_JaffaCakes118
Size

156KB
MD5

67e8375eb10080978e1337f3b667a2b3
SHA1

3604da3615839e886d6c15c0899dba4246ff3dfe
SHA256

f76b9650d483d12829b747b6d7de9e45a305abbb13ffd213c5375c8efd6316f5
SHA512

8c02217bd2637a72a55446fb01dab5dc331beb4d1941acf0d469e4cf491bf3f7045b5c73733bcfc54ce4407cdf07749da95b955530ed0af211c60694f8bfddfb
SSDEEP

3072:WMX+L/poHLLtojVB3afahjmkupxQN1JOkCAx4DLlTttzUG7wkzXYKfpRBLwq:zChS3tkB3BkkkmN1JOkD+DH+Iwkzo0p/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67e8375eb10080978e1337f3b667a2b3_JaffaCakes118

Files

67e8375eb10080978e1337f3b667a2b3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dd8ac73f5c1f71ba76e7f6e97a6768fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
FindFirstFileA
WriteFile
GetDefaultCommConfigA
QueryPerformanceCounter
CreateFiberEx
GetEnvironmentVariableW
GetCurrencyFormatW
GetTickCount
WriteTapemark
GetTimeFormatA
GetCurrentThreadId
VirtualAlloc
GlobalCompact
SetConsoleCursorInfo
IsValidCodePage
GetComputerNameExW
GlobalMemoryStatus
DeleteFileW

msvcrt20

__getmainargs
strcpy
??_Eistream_withassign@@UAEPAXI@Z
_getche
?rdbuf@ios@@QBEPAVstreambuf@@XZ
strtol
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
_pclose
??6ostream@@QAEAAV0@C@Z
??1strstream@@UAE@XZ
__seh_longjmp_unwind@4
??_Dostrstream@@QAEXXZ
_wrename
?lock@streambuf@@QAEXXZ
fgetpos
_wcsncoll
_matherr

opengl32

glRasterPos3dv
glGetPixelMapuiv
glPushAttrib
glDebugEntry
glTexEnviv
glPopName
glColor4usv
glPassThrough
glGetPixelMapusv
glRectiv
glDrawPixels
glTexCoord4iv
glGetTexGeniv

wldap32

ldap_create_page_controlW
ldap_create_page_control
ldap_search_ext_sA
ldap_modify_extA
ldap_startup
ldap_deleteA
ldap_add_ext
ldap_initA
ldap_parse_resultW
ldap_sslinitW
ldap_close_extended_op
ldap_delete_extW
ldap_delete_ext_sA
ldap_next_attribute
LdapUnicodeToUTF8
ldap_explode_dnA

mshtml

ShowHTMLDialog
DllGetClassObject
RunHTMLApplication
ShowHTMLDialogEx
ShowModelessHTMLDialog
ShowModalDialog
DllEnumClassObjects
PrintHTML
CreateHTMLPropertyPage
MatchExactGetIDsOfNames
DllCanUnloadNow

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idat_00
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 330B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd8ac73f5c1f71ba76e7f6e97a6768fc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt20

opengl32

wldap32

mshtml

Sections

.text Size: 93KB - Virtual size: 93KB

.idat_00 Size: 53KB - Virtual size: 53KB

.data Size: 51KB - Virtual size: 51KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 330B

.text
Size: 93KB - Virtual size: 93KB

.idat_00
Size: 53KB - Virtual size: 53KB

.data
Size: 51KB - Virtual size: 51KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 330B