a55ea4fba07776841dfa28de51257c4d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a55ea4fba07776841dfa28de51257c4d_JaffaCakes118
Size

120KB
MD5

a55ea4fba07776841dfa28de51257c4d
SHA1

63014f6b73b1f46b71ba88f5f157212834894519
SHA256

47e6461b0408c99e2f8e6beeed05103d286819b6549dbb9fc195eeba1400268f
SHA512

0d497a22126b29654892d28152a635af0f35ecf2951e674d5ffc351cf7ebd4fc30773c9708858711be8f7bd8199650f94cca82988c7698b47684908213756d43
SSDEEP

3072:MMPIF+pZHuLU5/NNSbg2AJNXFa//meG42uGLw:MJ+XulOPanmeGJuGLw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a55ea4fba07776841dfa28de51257c4d_JaffaCakes118

Files

a55ea4fba07776841dfa28de51257c4d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

895952b1ceae5ba230232f03d35ef8c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
HeapDestroy
UnhandledExceptionFilter
GlobalUnlock
GlobalAlloc
VirtualAlloc
VirtualFree
lstrcpyW
GetEnvironmentStringsW
CloseHandle
GetTempFileNameW
OutputDebugStringA
VirtualAlloc
GetLastError
GlobalReAlloc
LocalFileTimeToFileTime
GetCommandLineW
ExitProcess
GetProcAddress
SetEndOfFile
GetModuleHandleA
LoadLibraryA
CreatePipe
GetFileType

msvcrt

wcsstr
wcsncpy
__winitenv
exit
_wcsicmp
__setusermatherr
realloc
sprintf
strcpy
strchr
wcschr
__CxxFrameHandler
_onexit
atoi
_vsnprintf
toupper
__getmainargs
memset
fclose
wcstok
__dllonexit
_except_handler3
memcpy
_wtoi
_CxxThrowException
_wtol
wcstol
_c_exit
_wcsnicmp
towupper

user32

SetWindowLongW
GetFocus
IsWindow
GetParent
KillTimer
GetWindowTextLengthW
RegisterClipboardFormatW
RegisterDeviceNotificationA
LoadStringA
TranslateMessage
SetForegroundWindow
SetTimer
MessageBoxW
DialogBoxParamA
PostMessageA
GetDlgItemInt

gdi32

SelectObject
CreateSolidBrush
CreateCompatibleBitmap
CreateFontIndirectA
SetStretchBltMode
GetStockObject
SetBkMode
CreateBitmap
TranslateCharsetInfo
StretchBlt
SetTextColor
PatBlt
CreateCompatibleDC
RestoreDC

opengl32

glTexCoord1sv

Exports

Exports

UpqlfdTsy
NlLdhalheHmdyd
CxiAomtegBqlqYwx
OkojzKgfeeuClk

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pr000
Size: 512B - Virtual size: 261B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pr001
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pr002
Size: 512B - Virtual size: 370B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

895952b1ceae5ba230232f03d35ef8c6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 91B

.pr000 Size: 512B - Virtual size: 261B

.pr001 Size: 512B - Virtual size: 400B

.pr002 Size: 512B - Virtual size: 370B

.rsrc Size: 105KB - Virtual size: 104KB

.reloc Size: 512B - Virtual size: 48B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 91B

.pr000
Size: 512B - Virtual size: 261B

.pr001
Size: 512B - Virtual size: 400B

.pr002
Size: 512B - Virtual size: 370B

.rsrc
Size: 105KB - Virtual size: 104KB

.reloc
Size: 512B - Virtual size: 48B