6ff0b64e263c6a18030cd9171a3b47f0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6ff0b64e263c6a18030cd9171a3b47f0_JaffaCakes118
Size

126KB
MD5

6ff0b64e263c6a18030cd9171a3b47f0
SHA1

ed20ea8a80bfefdad0fd1486028617fdbeae3153
SHA256

2f3f5546576b39225743764d3ceccd1b4ac8d66476b8e2a7b4c5ea797beeac4b
SHA512

5fe01d443e9dac13bbd40b2959f8d4a7e40b4bd2ac46c4188ade0d5609825c7dcf37c08a565e73cd6e33941612e26159ccbf315ce81c1643172756ecf6354370
SSDEEP

3072:H8m/x41SFdNcwqXjlIK3Jz608Zot6cOIB:H4scwqXj+rZo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ff0b64e263c6a18030cd9171a3b47f0_JaffaCakes118

Files

6ff0b64e263c6a18030cd9171a3b47f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3048aeb2f2c606d9dfbacd4ac5a386ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

TranslateCharsetInfo
RestoreDC
CreateBitmap
PatBlt
SetTextColor
StretchBlt
CreateFontIndirectW
SetBkMode
Rectangle
CreateCompatibleDC

kernel32

GetTempPathW
WriteConsoleW
_lclose
DisableThreadLibraryCalls
FindFirstFileW
VirtualFree
lstrlenA
AddRefActCtx
GetProcAddress
FreeLibrary
GetWindowsDirectoryA
HeapAlloc
GetModuleHandleA
GetCurrentProcess
VirtualProtect
AddLocalAlternateComputerNameW
OutputDebugStringA
VirtualAlloc
GetStringTypeW
OutputDebugStringA
ExitThread
LoadLibraryW

msvcrt

wcslen
malloc
wcscat
strncpy
wcschr
_ftol
_controlfp
_wtol
wcscpy
_iob
_purecall
__CxxFrameHandler
_adjust_fdiv
_except_handler3
_c_exit
__initenv
wcscmp
memcpy
_snwprintf
_cexit
__winitenv
memset
swscanf
__dllonexit
_wcmdln
free
swprintf
isalpha
__p__fmode
_exit
__p__commode
_vsnprintf

opengl32

glTexCoord2d
glColor4d
glColor4i
glStencilMask
glTexCoord2dv
glFogfv
wglShareLists
GlmfBeginGlsBlock
glColor3ui
glColor4f

user32

ScreenToClient
LoadCursorA
DialogBoxParamA
LoadCursorW
SetScrollPos
CheckDlgButton
GetMenuItemCount
ReleaseDC
SendMessageW
SetCapture
BeginPaint
UnregisterClassW
DestroyWindow
GetProcessWindowStation
GetParent
CopyRect
ReleaseCapture
ClientToScreen
DispatchMessageW
LoadImageW
GetCursorPos
MapWindowPoints
LoadMenuW
IsWindow
RegisterClassA
SendMessageA
ValidateRect
wsprintfW

Exports

Exports

SmqErcntjk
IrbxdgdVnbhcuSsdxEfl
VfwypdHfmakKtykUw

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3048aeb2f2c606d9dfbacd4ac5a386ea

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

msvcrt

opengl32

user32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.data Size: 116KB - Virtual size: 116KB

.rdata Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 72B

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.data
Size: 116KB - Virtual size: 116KB

.rdata
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 72B

.rsrc
Size: 3KB - Virtual size: 2KB