70c863c0c46480f7e3bfb649048343dd_JaffaCakes118

General

Target

70c863c0c46480f7e3bfb649048343dd_JaffaCakes118
Size

92KB
MD5

70c863c0c46480f7e3bfb649048343dd
SHA1

e27dc94cb5a93f1e752dc9e29bb9796a454993bb
SHA256

bb131bfc449df3bb626ccd2a518c80bdb1b59526fda59f97515c1e4f6c3d9808
SHA512

ddff67f3bde6579eea106b242ef2ca33753c821f4d866083c656203992cedbd14c70b45a6ee98175c835d582dc51ce94a60013a745c2b0ada0c0ba05605027c1
SSDEEP

1536:tjVMdcJjyJQ2oNc9MMAb5AMfgRQT/AcDwOo/s4p7XaTJI0/s4debVM3EbQm:tBMdmjCeQMZ2MgCrG1VXkJ1HdT3EE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70c863c0c46480f7e3bfb649048343dd_JaffaCakes118

Files

70c863c0c46480f7e3bfb649048343dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e3836b04f65bcd2c6f986892a6ee5645

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
GetTimeZoneInformation
IsBadStringPtrW
GetEnvironmentVariableW
EraseTape
VerSetConditionMask
GetCurrentProcess
GetLastError
GetSystemDefaultLCID
CreateDirectoryA
GetModuleHandleA
CreateFileMappingW
IsBadWritePtr
GetEnvironmentVariableA
CallNamedPipeA
GetStringTypeExA

msvcrt

_fputchar
_mbctolower
memcpy
_putws
wcsftime
iswupper
_mbcjistojms
wcstombs

winmm

sndPlaySoundW
midiConnect
waveInGetPosition
joyGetDevCapsW
waveInGetDevCapsA
midiInReset
waveInMessage
midiOutGetErrorTextA
CloseDriver
waveInOpen
mmioCreateChunk
mmTaskCreate

opengl32

glLoadIdentity
glEnableClientState
glRasterPos4sv
wglGetPixelFormat
glColor3fv
glColor3usv
wglCreateLayerContext
glTexEnviv
glVertex3sv
glTexCoord1d
wglUseFontBitmapsA
glHint
glEvalCoord1fv
glTexGenf

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3836b04f65bcd2c6f986892a6ee5645

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

winmm

opengl32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 81KB - Virtual size: 80KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 28B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 81KB - Virtual size: 80KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 28B