68a717e584e8b3f9e1eb8d03b411ab9f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

68a717e584e8b3f9e1eb8d03b411ab9f_JaffaCakes118
Size

121KB
MD5

68a717e584e8b3f9e1eb8d03b411ab9f
SHA1

90a63c918a1f405d45ef02ce8b9c5b98be817435
SHA256

0c54822e8bdbf23bc492301ad5a8c817fdf6b6c7ea6e3ddd6354c30bf27d3c2c
SHA512

d5582cd6aed593f9c8005cb5f854e58e7edc054208084744a74572f1514024cef71dbecbf3ff478828ca06dd2d8eaefd08a8e95c39dc310872cfd80f26c1fa0d
SSDEEP

3072:n2UWn/tHaBX6cSsZF8bn0/W99uyonhTcNQnijuTWNZdn97Dmipe+1:koisfggLhToQL47DN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68a717e584e8b3f9e1eb8d03b411ab9f_JaffaCakes118

Files

68a717e584e8b3f9e1eb8d03b411ab9f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1274c6e2d369ce72238c81affffeeec5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibraryAndExitThread
GetTimeFormatW
IsBadWritePtr
WriteConsoleW
GlobalReAlloc
OutputDebugStringW
GetProcAddress
CloseHandle
CreateFileW
FindNextFileW
GetModuleHandleA
GetCurrentThreadId
SetUnhandledExceptionFilter
lstrcatA
QueryPerformanceCounter
GetWindowsDirectoryW
CreateDirectoryA
GetLastError
LoadLibraryA
GetCurrentThread
GlobalAlloc
GetSystemDirectoryA
ExitProcess
TerminateThread
GetSystemInfo
SetFilePointer
GetFileType
GetProcAddress
CreateProcessA
HeapFree
MapViewOfFile
CreateDirectoryW
LoadLibraryW

tapi32

lineOpenW
lineDevSpecificFeature
lineSetupConference
lineAddToConference

msvcrt

_iob
isupper
_wcsnicmp
_vsnprintf
strncpy
__p__commode
wcsncpy
atoi
memcpy
memset
wcsncmp
strcpy
_wtoi
towupper
__wgetmainargs
atoi
_acmdln

user32

GetKeyState
ShowWindow
DialogBoxParamW
DeleteMenu
LoadAcceleratorsW
GetWindowPlacement
SetCapture
LoadStringW
LoadMenuA
SetScrollPos
LoadCursorW
InvalidateRect
SystemParametersInfoW
OpenClipboard
GetMenuItemCount
GetAsyncKeyState
PostQuitMessage
GetDlgItem
RemoveMenu
ReleaseDC
RegisterMessagePumpHook
DispatchMessageA
MsgWaitForMultipleObjects

gdi32

CreatePen
SelectObject
GetDeviceCaps
CreateCompatibleDC
SetBkColor
SelectPalette
CreateFontIndirectA
DeleteDC
BitBlt
SetTextColor
PatBlt
SetMapMode
SetPixel
CreateSolidBrush
SaveDC

Exports

Exports

NmdWjvpcpyKndvel
MuNfzsgyHrzdhfi
WultNo
CngIblzduCdpfplgFhah
IqoEmdbhrCdzllrCmxvc

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ttvv
Size: 512B - Virtual size: 277B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1274c6e2d369ce72238c81affffeeec5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

tapi32

msvcrt

user32

gdi32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

ttvv Size: 512B - Virtual size: 277B

.data Size: 7KB - Virtual size: 6KB

.rsrc Size: 107KB - Virtual size: 106KB

.reloc Size: 512B - Virtual size: 48B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

ttvv
Size: 512B - Virtual size: 277B

.data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 107KB - Virtual size: 106KB

.reloc
Size: 512B - Virtual size: 48B