8496b72878c69a42d02316f5b66324a1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8496b72878c69a42d02316f5b66324a1_JaffaCakes118
Size

134KB
MD5

8496b72878c69a42d02316f5b66324a1
SHA1

d97fcf81fd3d1c1fb14dbe79f9de59a2d1ff8db0
SHA256

55cde02c4688d9cf10ca548be934285608c96bf00c455113dc089a60f6992f48
SHA512

4e244d066650a49aefd04d1c40f8a09ad1486de1c6afeb9372ba47bc28b4c9ac1c920b52986afbe41d6b1b2e4e68dc3cdb11c46dd2a90f08f79a2bd60ad046d4
SSDEEP

3072:zjrBH+OunFei7bWwVa0Pgx4LSoQRCLuA6drziy:fJunRidLGQy98r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8496b72878c69a42d02316f5b66324a1_JaffaCakes118

Files

8496b72878c69a42d02316f5b66324a1_JaffaCakes118
.dll windows:5 windows x86 arch:x86

db5450c4901b7e9f1c0a98be8b3d6136

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteAtom
_lclose
CompareFileTime
GetProcAddress
LoadLibraryW
ExitThread
GetModuleHandleA
GetLastError
HeapAlloc
VirtualFree
lstrlenA
VirtualProtect
WriteConsoleW
GetStringTypeW
CompareStringA
FreeLibrary
VirtualAlloc
OutputDebugStringA
GetWindowsDirectoryA
FindFirstFileW
GetCurrentProcess

msvcrt

_ftol
_snwprintf
wcscpy
__winitenv
_wcmdln
swscanf
_except_handler3
__p__fmode
_iob
wcscmp
__initenv
_exit
memcpy
_cexit
strncpy
wcschr
free
_purecall
wcslen
__p__commode
_controlfp
isprint
__CxxFrameHandler
swprintf
_adjust_fdiv
_c_exit
_wtol
malloc
wcscat
_vsnprintf
__dllonexit

user32

SendMessageA
LoadImageW
CopyRect
ReleaseDC
GetCursorPos
CheckDlgButton
GetProcessWindowStation
RegisterClassA
BeginPaint
ScreenToClient
ReleaseCapture
SetCapture
UnregisterClassW
SendMessageW
LoadMenuW
SetScrollPos
LoadCursorA
DialogBoxParamA
DestroyWindow
wsprintfW
IsWindow
GetParent
DispatchMessageW
MapWindowPoints
LoadCursorW
GetMenuItemCount
ClientToScreen

gdi32

CreateFontIndirectW
SetTextColor
StretchBlt
Rectangle
CreateBitmap
CreateCompatibleDC
RestoreDC
TranslateCharsetInfo
PatBlt
SetBkMode

opengl32

glTexCoord2d
wglShareLists
glColor3ui
glColor4f
glColor4i
GlmfBeginGlsBlock
glColor4d
glTexCoord2dv
glStencilMask
glFogfv

Exports

Exports

MbmUbbkdurQicmn
TfbufkePmbyvqk
ZwPszbjiePisetg

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db5450c4901b7e9f1c0a98be8b3d6136

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 124B

.crt Size: 512B - Virtual size: 17B

.data Size: 54KB - Virtual size: 53KB

.rsrc Size: 62KB - Virtual size: 62KB

.reloc Size: 512B - Virtual size: 118B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 124B

.crt
Size: 512B - Virtual size: 17B

.data
Size: 54KB - Virtual size: 53KB

.rsrc
Size: 62KB - Virtual size: 62KB

.reloc
Size: 512B - Virtual size: 118B