859060192d986208441919c572dce9fa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

859060192d986208441919c572dce9fa_JaffaCakes118
Size

189KB
MD5

859060192d986208441919c572dce9fa
SHA1

489dfac131ecc8b3b954ff6212f2311708738fde
SHA256

4ba808c4ad6b1fc0090fe6264acfdfe6c53f720b9e9a7a202cc429293fece8cb
SHA512

e29bf17aea188fdc91611a1ea5c8c05a6905f357bdea9a5afdec62f0857498c0fe76b8758810d0b8e58b36ae8aedb076edbe0397049d0d12ba952024e314458c
SSDEEP

3072:18PsnSBbiHWbD9Uqk0H5y2FUbvCLaH6LiqmC0TYXWtv/HG/ZmbF2iy51dsfCQ2gb:bnQBegRW4iqmC0HvPG/cbF2382g9Oy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
859060192d986208441919c572dce9fa_JaffaCakes118

Files

859060192d986208441919c572dce9fa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a7007b3053505f2822601181bb1953b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlNumberOfSetBits
RtlAddAuditAccessAce
RtlFirstEntrySList
strcspn
fabs
RtlInitAnsiString
ZwLockRegistryKey
NtSignalAndWaitForSingleObject
ZwPrivilegeObjectAuditAlarm
RtlSetTimer
RtlCancelTimer
ZwQuerySection

opengl32

glTexCoord2d
glMaterialfv
glDepthMask
glGetFloatv
glEnable
glGetMaterialfv
glTexCoord4f
glCopyTexImage1D
wglUseFontOutlinesW
glTexGenfv
glTexEnvfv
wglShareLists
glColor4usv
wglMakeCurrent
glSelectBuffer
glRasterPos4sv
glFlush

kernel32

ExitThread
ReadConsoleInputExA
GetCurrentProcessId
TransmitCommChar
GetSystemWow64DirectoryW
FindResourceExA
SetComPlusPackageInstallStatus
SetConsoleKeyShortcuts
GetCurrentThreadId
IsBadCodePtr
GetCurrentThread
VerLanguageNameA
WriteProfileSectionW
FindFirstVolumeMountPointW
PeekConsoleInputA
VirtualAlloc
SetUserGeoID
GetGeoInfoA
GetTickCount
_lread
SetComputerNameW
LZClose
IsBadHugeWritePtr
GetWindowsDirectoryA
GetNextVDMCommand
HeapValidate
FindFirstChangeNotificationA
GetFileTime
SetConsoleOutputCP
HeapLock
HeapUnlock
QueryPerformanceCounter
GetCommConfig
AddAtomW

msvcrt20

?sputc@streambuf@@QAEHH@Z
getwchar
asin
puts
_makepath
?gcount@istream@@QBEHXZ
??_8strstream@@7Bostream@@@
_tcsnccnt
_wexecvpe
??5istream@@QAEAAV0@AAE@Z
??0ostream@@IAE@ABV0@@Z
?seekp@ostream@@QAEAAV1@J@Z
_fileno
??_Giostream@@UAEPAXI@Z
iswxdigit
??_7stdiostream@@6B@

hid

HidD_GetPhysicalDescriptor
HidP_SetScaledUsageValue
HidD_Hello
HidP_SetUsageValueArray
HidP_GetData
HidD_GetMsGenreDescriptor
HidD_GetInputReport
HidD_SetConfiguration
HidD_GetFeature
HidD_GetNumInputBuffers
HidP_GetUsagesEx
HidP_GetUsages
HidP_UnsetUsages
HidP_UsageListDifference
HidP_GetScaledUsageValue
HidP_GetLinkCollectionNodes
HidD_GetHidGuid

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idate
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7007b3053505f2822601181bb1953b9

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

opengl32

kernel32

msvcrt20

hid

Sections

.text Size: 97KB - Virtual size: 97KB

.idate Size: 54KB - Virtual size: 53KB

.data Size: 34KB - Virtual size: 36KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 97KB - Virtual size: 97KB

.idate
Size: 54KB - Virtual size: 53KB

.data
Size: 34KB - Virtual size: 36KB

.rsrc
Size: 2KB - Virtual size: 1KB