971e0e63facef44d96a4cc801e100183_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

971e0e63facef44d96a4cc801e100183_JaffaCakes118
Size

54KB
MD5

971e0e63facef44d96a4cc801e100183
SHA1

0e5c6359df3db4337bf61ec221050da19dfe6163
SHA256

ff5a6cca02e1eb6692728b47cb522b23de9deadc0eb951abf489c05131b5ef0a
SHA512

dc17ae7a25294ab0b39d57ed571a0888d9757df1e6398678a0c073b6239bc34ad03aafc9e21f55f7d70d226dc438ee6ace35ebb7ad2d53ed898b27c61459af7d
SSDEEP

768:DMmdXD/Zj9q4in9UYzRXcUOFhElfkj8YYfhbnLIxng5kJWhCQVGvQq03Ho:wmt/7livlcLE6qfEg5kJWCQVAmI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
971e0e63facef44d96a4cc801e100183_JaffaCakes118

Files

971e0e63facef44d96a4cc801e100183_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46d15ce95132ba58114d1b4af8cf892a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
ExitProcess
OpenFile
MulDiv
GetTempFileNameA
GetFullPathNameA
CopyFileExA
GetProcAddress
FindAtomW
GetLastError
SetComputerNameW

user32

EmptyClipboard
WinHelpA
CreateAcceleratorTableW
DialogBoxParamA
GetKeyState
GetFocus
GetMenuItemRect
GetMenu
EnumDesktopWindows
SetCursorPos
IsWindow
TrackPopupMenu
CharUpperW
EndMenu
CreateAcceleratorTableA
LoadIconW
GetMenuStringA
EnumChildWindows
GetDlgItemTextW
GetMenuStringW
GetDC
ArrangeIconicWindows
MessageBoxIndirectA
LoadMenuIndirectW
ActivateKeyboardLayout
LoadMenuA
BringWindowToTop
GetCapture
CreateDialogParamA
GetActiveWindow
CreateDialogParamW
CharUpperA
SetMenu
FindWindowW
WaitMessage
DefDlgProcA
InsertMenuW
LoadImageA
IsWindowEnabled
CreateMenu
SendDlgItemMessageA
PeekMessageW

gdi32

RestoreDC
LPtoDP
StretchDIBits
GetDCOrgEx
SetBitmapDimensionEx
AngleArc
GetGraphicsMode
CreateBitmapIndirect
OffsetWindowOrgEx
GetGlyphOutlineA

advapi32

RegQueryValueW
RegCreateKeyExA
RegRestoreKeyW

opengl32

glPixelZoom
glColor3s
glTexCoord4i
glTexCoord4s
glIsTexture
glInitNames
glLineWidth
glGetTexEnvfv

urlmon

BindAsyncMoniker
RegisterBindStatusCallback
CoInternetCompareUrl
CreateURLMonikerEx
URLDownloadToFileW

winspool.drv

DeletePrinter
OpenPrinterA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ORFPGq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dPz
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hf
Size: 1024B - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.auCle
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.JtMaq
Size: 1KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jNlvjB
Size: 1024B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.roSqR
Size: 2KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jZRVJr
Size: 1024B - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46d15ce95132ba58114d1b4af8cf892a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

opengl32

urlmon

winspool.drv

Sections

.text Size: 12KB - Virtual size: 11KB

.ORFPGq Size: 512B - Virtual size: 4KB

.dPz Size: 1KB - Virtual size: 4KB

.hf Size: 1024B - Virtual size: 41KB

.auCle Size: 2KB - Virtual size: 12KB

.JtMaq Size: 1KB - Virtual size: 22KB

.jNlvjB Size: 1024B - Virtual size: 28KB

.roSqR Size: 2KB - Virtual size: 30KB

.data Size: 5KB - Virtual size: 4KB

.jZRVJr Size: 1024B - Virtual size: 275KB

.rsrc Size: 228KB - Virtual size: 227KB

.text
Size: 12KB - Virtual size: 11KB

.ORFPGq
Size: 512B - Virtual size: 4KB

.dPz
Size: 1KB - Virtual size: 4KB

.hf
Size: 1024B - Virtual size: 41KB

.auCle
Size: 2KB - Virtual size: 12KB

.JtMaq
Size: 1KB - Virtual size: 22KB

.jNlvjB
Size: 1024B - Virtual size: 28KB

.roSqR
Size: 2KB - Virtual size: 30KB

.data
Size: 5KB - Virtual size: 4KB

.jZRVJr
Size: 1024B - Virtual size: 275KB

.rsrc
Size: 228KB - Virtual size: 227KB