a6d1d42d986c464c6d55a21215df065e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a6d1d42d986c464c6d55a21215df065e_JaffaCakes118
Size

122KB
MD5

a6d1d42d986c464c6d55a21215df065e
SHA1

69805b37db0a378747ba67e0f9118df4f59394d8
SHA256

e9d794d9031bf8ebb262bb5e177590642037208321ed0b29eee014f854174e5a
SHA512

fd8bc481a29d1f9b849871cb66f03c5bc3d2b5c08577e181961100282e611e22905db040af50f385a313b350674e635c96cd559b1b3449f148e267e294a57bb8
SSDEEP

3072:D69T2MvWD/FklfoG0rTqPj9ZhOWRgQ854drw:e9xODCAFoLrur4dr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6d1d42d986c464c6d55a21215df065e_JaffaCakes118

Files

a6d1d42d986c464c6d55a21215df065e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

532ae199c676e5929e397e2f47e14456

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteAtom
_lclose
CancelTimerQueueTimer
GetProcAddress
LoadLibraryW
ExitThread
CreateIoCompletionPort
GetLastError
HeapAlloc
VirtualFree
lstrlenA
VirtualProtect
WriteConsoleW
GetStringTypeW
CancelWaitableTimer
FreeLibrary
VirtualAlloc
GetModuleHandleA
GetWindowsDirectoryA
FindFirstFileW
GetCurrentProcess

msvcrt

_ftol
_snwprintf
wcscpy
__winitenv
_wcmdln
swscanf
_except_handler3
__p__fmode
_iob
wcscmp
__initenv
_exit
memcpy
_cexit
strncpy
wcschr
free
_purecall
wcslen
__p__commode
_controlfp
isgraph
__CxxFrameHandler
swprintf
_adjust_fdiv
_c_exit
_wtol
malloc
wcscat
_vsnprintf
__dllonexit

user32

SendMessageA
LoadImageW
CopyRect
ReleaseDC
GetCursorPos
CheckDlgButton
GetProcessWindowStation
RegisterClassA
BeginPaint
ScreenToClient
ReleaseCapture
SetCapture
UnregisterClassW
SendMessageW
LoadMenuW
SetScrollPos
LoadCursorA
DialogBoxParamA
DestroyWindow
wsprintfW
IsWindow
GetParent
DispatchMessageW
MapWindowPoints
LoadCursorW
GetMenuItemCount
ClientToScreen

shell32

SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHGetFolderPathW

opengl32

GlmfBeginGlsBlock
glColor3ui
glTexCoord2dv
wglShareLists
glTexCoord2d
glStencilMask
glColor4i
glColor4d
glColor4f
glFogfv

Exports

Exports

KmmbTobyhhTytqsGf
BxsUoytkpPsl
TanudMqnek

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 98B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

532ae199c676e5929e397e2f47e14456

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

shell32

opengl32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 124B

.data Size: 70KB - Virtual size: 69KB

.rsrc Size: 32KB - Virtual size: 31KB

.reloc Size: 512B - Virtual size: 98B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 124B

.data
Size: 70KB - Virtual size: 69KB

.rsrc
Size: 32KB - Virtual size: 31KB

.reloc
Size: 512B - Virtual size: 98B