9661d2788fbc0f045e1f6bf1c30908a5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9661d2788fbc0f045e1f6bf1c30908a5_JaffaCakes118
Size

125KB
MD5

9661d2788fbc0f045e1f6bf1c30908a5
SHA1

28d8bf967af59127d90df7455ecbcc9eaed02a7b
SHA256

f2d79f214d50cb366c0524d76ed9b5e1e674fb6a88c5590e495e0dad9b913fc1
SHA512

725a8a7277025262c563d61b620b2bdd01a88ae2e6a331cd881a46e5644ad6a810e4e7c1b8998bf19b86bd85961aeba0bb64560d8271e21b0551271dd6be6e6f
SSDEEP

1536:fRgLPS5dGjN7WgPaDReXfWaGIiabhjA148M0lxCYY0CB1HirO8Hl9Tg+:fRgLPS2B4DLKbhj/ylxwVnHgH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9661d2788fbc0f045e1f6bf1c30908a5_JaffaCakes118

Files

9661d2788fbc0f045e1f6bf1c30908a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0a057b04361fa282afe428973eed95a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetStretchBltMode
DeleteDC
CreatePen
GetTextMetricsW
CreateCompatibleDC
LineTo
GetObjectA
TextOutW
SelectPalette
GetTextExtentPointW
GetTextExtentPoint32W
GetStockObject
SetBkMode

kernel32

CreateFileMappingW
InitializeCriticalSection
LoadLibraryW
ReleaseMutex
GetProcAddress
LoadLibraryExW
SetFileTime
GetModuleHandleA
OutputDebugStringA
QueryPerformanceCounter
GetFileInformationByHandle
ReadFile
GetComputerNameExW
GetCommandLineW
VirtualProtect
ExpandEnvironmentStringsW
DeleteCriticalSection
SetFilePointer
GetFileAttributesA
SetErrorMode
lstrcpyA
VirtualProtect
AddAtomA
VirtualFree
VirtualAlloc
CreateMutexW
ExitProcess
EnterCriticalSection
TerminateThread
CreateThread
SetUnhandledExceptionFilter
GetLocalTime
DisableThreadLibraryCalls
GetFileType
WideCharToMultiByte
GetLocaleInfoA

msvcrt

_vsnprintf
__set_app_type
__getmainargs
free
_except_handler3
exit
__CxxFrameHandler
strncpy
_vsnwprintf
fprintf
__wgetmainargs
strchr
towupper
malloc
memcpy
memset
_wcmdln
_c_exit
toupper
__p__commode
__p__fmode
_wcsicmp
_initterm
memmove
isalpha
__dllonexit
swprintf
_adjust_fdiv
_ftol

opengl32

glRectf
glStencilOp
glNormal3bv
glStencilMask
glRasterPos4dv
glRasterPos4i
glColor4dv

user32

GetSystemMenu
WinHelpW
DrawIcon
CreateWindowExA
SetWindowLongW
GetMessageW
CheckRadioButton
SetWindowTextA
SetFocus
SetForegroundWindow
SetWindowsHookExW
ValidateRect
GetDlgItemInt
GetDesktopWindow
DispatchMessageW
MoveWindow
GetSysColor
DefWindowProcA
RegisterClipboardFormatW
IsDlgButtonChecked
ClientToScreen
MessageBeep
CreateWindowExW
DefWindowProcW
DrawEdge
IsRectEmpty
ShowCursor
SendMessageW

Exports

Exports

SmqErcntjk
IrbxdgdVnbhcuSsdxEfl
VfwypdHfmakKtykUw

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a057b04361fa282afe428973eed95a1

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

msvcrt

opengl32

user32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.data Size: 116KB - Virtual size: 115KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 68B

.rdata Size: 3KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.data
Size: 116KB - Virtual size: 115KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 68B

.rdata
Size: 3KB - Virtual size: 2KB