82b73bc3ad9eccce04cb2e62c5bd69eb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

82b73bc3ad9eccce04cb2e62c5bd69eb_JaffaCakes118
Size

136KB
MD5

82b73bc3ad9eccce04cb2e62c5bd69eb
SHA1

ea8389697c0c2afc3b8c09d7f1001a10f0eef8b1
SHA256

d0d91f3617b5c403c3ccbef72b97ee470f2150f6283f9fd19c32716cd480343b
SHA512

3e973fbf0ba6e6457cb4e9c4ca5a4f84ec9563ee3aa22eb1bf68cb7b8ea26234fbb492236658f6580bffb3424f98200492eb6e48bcc3baae940086ea40a09d22
SSDEEP

3072:DR1xo6RhtRROeRahxq536CkTtRUiu2yVrymZXQrbVZfy:Dho6RZLahp3zq7yxVN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82b73bc3ad9eccce04cb2e62c5bd69eb_JaffaCakes118

Files

82b73bc3ad9eccce04cb2e62c5bd69eb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

da800435f81e3a2bb12cada4fcea73c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteTimerQueue
VirtualAlloc
ConvertDefaultLocale
VirtualFree
_lclose
GetStringTypeW
FreeLibrary
HeapAlloc
lstrlenA
ExitThread
ConvertFiberToThread
FindFirstFileW
VirtualProtect
LoadLibraryW
WriteConsoleW
GetWindowsDirectoryA
GetCurrentProcess
GetModuleHandleA
OutputDebugStringA
GetLastError
GetProcAddress

msvcrt

__p__fmode
__p__commode
__initenv
_c_exit
_exit
_purecall
isprint
wcslen
_controlfp
swprintf
_wtol
_wcmdln
_cexit
wcscat
wcscmp
__winitenv
_iob
_vsnprintf
swscanf
free
__CxxFrameHandler
_ftol
iswcntrl
strncpy
wcschr
_except_handler3
memcpy
malloc
_adjust_fdiv
wcscpy
__dllonexit
_snwprintf

user32

GetProcessWindowStation
ClientToScreen
CopyRect
DialogBoxParamA
ReleaseCapture
LoadImageW
GetCursorPos
LoadCursorW
UnregisterClassW
CheckDlgButton
GetParent
ScreenToClient
SetCapture
BeginPaint
RegisterClassA
ReleaseDC
IsWindow
DispatchMessageW
DestroyWindow
wsprintfW
GetMenuItemCount
LoadMenuW
SendMessageW
SendMessageA
MapWindowPoints
LoadCursorA
SetScrollPos

gdi32

Rectangle
CreateFontIndirectW
TranslateCharsetInfo
StretchBlt
SetBkMode
PatBlt
SetTextColor
RestoreDC
CreateCompatibleDC
CreateBitmap

opengl32

glColor4f
glFogfv
wglShareLists
glColor4i
glColor3ui
glColor4d
glTexCoord2dv
glStencilMask
glTexCoord2d
GlmfBeginGlsBlock

Exports

Exports

MbmUbbkdurQicmn
TfbufkePmbyvqk
ZwPszbjiePisetg

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da800435f81e3a2bb12cada4fcea73c1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.crt Size: 512B - Virtual size: 17B

.edata Size: 512B - Virtual size: 124B

.data Size: 55KB - Virtual size: 54KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 512B - Virtual size: 88B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.crt
Size: 512B - Virtual size: 17B

.edata
Size: 512B - Virtual size: 124B

.data
Size: 55KB - Virtual size: 54KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 512B - Virtual size: 88B