af30ea897769931426e821ebe22e6768_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

af30ea897769931426e821ebe22e6768_JaffaCakes118
Size

124KB
MD5

af30ea897769931426e821ebe22e6768
SHA1

db3a0bb1827e5c15ab84b329c221ba7b338c73a8
SHA256

dfb783062c8d7dfdace11105e922bd3ab28f75176725e9180337875140c15c52
SHA512

8b8bba3d6084ce3c1111186d6d74bdd4e62ffa7e73b0712f61eac64bfb5026e48c769dc08435d71e218382389b1061b2b190ec9e6c3bc1cff2e2d863c5c816d2
SSDEEP

3072:C4BWjYeJrJIFu/gnimjWRsHCBWsjBoMifZ:C4IjYCrao/glWR6KjBoH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af30ea897769931426e821ebe22e6768_JaffaCakes118

Files

af30ea897769931426e821ebe22e6768_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b02bd51bed9db3af26793f4b398fbfa3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteAtom
ClearCommBreak
LoadLibraryW
_lclose
ExitThread
GetWindowsDirectoryA
GetProcAddress
HeapAlloc
GetModuleHandleA
GetLastError
VirtualProtect
GetStringTypeW
FreeLibrary
FindFirstFileW
lstrlenA
CheckRemoteDebuggerPresent
VirtualAlloc
GetCurrentProcess
VirtualFree
WriteConsoleW

msvcrt

_wcmdln
_iob
strncpy
__initenv
__p__fmode
_controlfp
swscanf
__p__commode
_vsnprintf
__dllonexit
_cexit
islower
wcschr
wcscat
_wtol
_purecall
_except_handler3
_ftol
__winitenv
_c_exit
_snwprintf
wcslen
malloc
memcpy
wcscpy
swprintf
free
__CxxFrameHandler
_exit
_adjust_fdiv
wcscmp

user32

CheckDlgButton
GetProcessWindowStation
DispatchMessageW
MapWindowPoints
LoadCursorA
RegisterClassA
SetScrollPos
GetCursorPos
GetParent
ReleaseCapture
CopyRect
ScreenToClient
wsprintfW
UnregisterClassW
DialogBoxParamA
IsWindow
LoadCursorW
BeginPaint
ReleaseDC
LoadImageW
SetCapture
LoadMenuW
DestroyWindow
SendMessageA
SendMessageW
GetMenuItemCount
ClientToScreen

shell32

SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHGetFolderPathW

opengl32

GlmfBeginGlsBlock
glColor3ui
glTexCoord2dv
wglShareLists
glTexCoord2d
glStencilMask
glColor4i
glColor4d
glColor4f
glFogfv

Exports

Exports

KmmbTobyhhTytqsGf
BxsUoytkpPsl
TanudMqnek

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b02bd51bed9db3af26793f4b398fbfa3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

shell32

opengl32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 124B

.crt Size: 512B - Virtual size: 17B

.data Size: 70KB - Virtual size: 70KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 512B - Virtual size: 90B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 124B

.crt
Size: 512B - Virtual size: 17B

.data
Size: 70KB - Virtual size: 70KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 512B - Virtual size: 90B