a7889ef46de0c491f5092fbd1f45eef5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a7889ef46de0c491f5092fbd1f45eef5_JaffaCakes118
Size

136KB
MD5

a7889ef46de0c491f5092fbd1f45eef5
SHA1

174c8e9d06f0f75bec10cd8f5780acaba1afa703
SHA256

419c5a02090ffa45d2ed1fffa98f48f22ac5e976a4530e0af1519c287847d6ee
SHA512

7f2d6a504e225fb1e62f999eedfb997be227909355e2afa99607217f054000d9ed40b02b25e7a2c7d376b639c529f1c535991da5c4129861e2d86cd92e10b210
SSDEEP

3072:+P/E7kkkz4y018Ej3umYyGltqJuetbvJCE2+:+Wkkl71MmilUUz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7889ef46de0c491f5092fbd1f45eef5_JaffaCakes118

Files

a7889ef46de0c491f5092fbd1f45eef5_JaffaCakes118
.exe .ps1 windows:5 windows x86 arch:x86 polyglot

bd8913926a31e8e37d6f85251af3ef88

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetCurrentProcess
_lclose
GetLastError
OutputDebugStringA
ConsoleMenuControl
HeapAlloc
FindFirstFileW
lstrlenA
ExitThread
LoadLibraryW
GetStringTypeW
VirtualFree
GetProcAddress
ContinueDebugEvent
GetWindowsDirectoryA
DeleteTimerQueue
FreeLibrary
VirtualAlloc
VirtualProtect
WriteConsoleW

msvcrt

malloc
swprintf
_cexit
memcpy
__winitenv
__p__fmode
_exit
_purecall
free
_wtol
_wcmdln
__p__commode
strncpy
__CxxFrameHandler
wcschr
wcscmp
_except_handler3
wcscat
_vsnprintf
wcslen
_c_exit
isprint
_adjust_fdiv
_snwprintf
_controlfp
wcscpy
_iob
iswcntrl
_ftol
__initenv
__dllonexit
swscanf

user32

UnregisterClassW
SetScrollPos
CheckDlgButton
MapWindowPoints
CopyRect
ReleaseCapture
LoadCursorA
LoadCursorW
GetProcessWindowStation
DispatchMessageW
GetCursorPos
SetCapture
GetParent
LoadImageW
ReleaseDC
IsWindow
SendMessageA
ScreenToClient
wsprintfW
ClientToScreen
BeginPaint
DestroyWindow
LoadMenuW
SendMessageW
DialogBoxParamA
RegisterClassA
GetMenuItemCount

gdi32

CreateBitmap
Rectangle
TranslateCharsetInfo
SetTextColor
SetBkMode
StretchBlt
RestoreDC
CreateCompatibleDC
CreateFontIndirectW
PatBlt

opengl32

GlmfBeginGlsBlock
glTexCoord2dv
glTexCoord2d
wglShareLists
glColor3ui
glColor4i
glColor4d
glColor4f
glStencilMask
glFogfv

Exports

Exports

MbmUbbkdurQicmn
TfbufkePmbyvqk
ZwPszbjiePisetg

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd8913926a31e8e37d6f85251af3ef88

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.crt Size: 512B - Virtual size: 17B

.edata Size: 512B - Virtual size: 124B

.data Size: 55KB - Virtual size: 54KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 512B - Virtual size: 88B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.crt
Size: 512B - Virtual size: 17B

.edata
Size: 512B - Virtual size: 124B

.data
Size: 55KB - Virtual size: 54KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 512B - Virtual size: 88B