a34659ef60081bc044736437bc7c3a7d_JaffaCakes118

General

Target

a34659ef60081bc044736437bc7c3a7d_JaffaCakes118
Size

3.4MB
MD5

a34659ef60081bc044736437bc7c3a7d
SHA1

e346eeb54799b22b9c2bf98360b1d7f7f8efb651
SHA256

6f302fa7c82b45ea4f2577f26edbed780993880e39dfc1546321505e45b482b5
SHA512

d8af14f1c48ae7af324d0aeb02d99999b661ce04e499d8b2da125742580d6b524b1ab0eeab1f099f84426da243f44218cf868de02b4274ae1283fe6536ae93e6
SSDEEP

98304:SBI/KwpgIEdepJaiEK1/ubP9JWUnyAMjZBXYvT:SqyJLsy7qUn+ZBo7

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/m16l.dll
unpack001/m16l.exe

Files

a34659ef60081bc044736437bc7c3a7d_JaffaCakes118
.zip
m16l.dll
.dll windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

?w3l_create_account3@@YAHXZ
?w3l_do_hash@@YAXPADPAUbnet_hash_ctx@@@Z
?w3l_hash_init@@YIXPAK@Z
?w3l_logon_proof_hash_rev@@YGHPADPAX1@Z
?w3l_lph_checked_rev@@YIHPAH0PAX1@Z
GameMain

Sections

Size: 37KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xgxywgve
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ixqzjudx
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
m16l.exe
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 52KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kxcwhesf
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ezfivxwt
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

Imports

kernel32

comctl32

Exports

Exports

Sections

Size: 37KB - Virtual size: 88KB

.rsrc Size: 1024B - Virtual size: 1KB

.idata Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 2.6MB

xgxywgve Size: 1.6MB - Virtual size: 1.6MB

ixqzjudx Size: 512B - Virtual size: 4KB

.taggant Size: 8KB - Virtual size: 12KB

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

Sections

Size: 52KB - Virtual size: 112KB

.rsrc Size: 7KB - Virtual size: 15KB

.idata Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 2.7MB

kxcwhesf Size: 1.7MB - Virtual size: 1.7MB

ezfivxwt Size: 512B - Virtual size: 4KB

.taggant Size: 8KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 1KB

.idata
Size: 512B - Virtual size: 4KB

xgxywgve
Size: 1.6MB - Virtual size: 1.6MB

ixqzjudx
Size: 512B - Virtual size: 4KB

.taggant
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 7KB - Virtual size: 15KB

.idata
Size: 512B - Virtual size: 4KB

kxcwhesf
Size: 1.7MB - Virtual size: 1.7MB

ezfivxwt
Size: 512B - Virtual size: 4KB

.taggant
Size: 8KB - Virtual size: 12KB