b30c45ff1802050cf1959c7d6e5bc36b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b30c45ff1802050cf1959c7d6e5bc36b_JaffaCakes118
Size

22KB
MD5

b30c45ff1802050cf1959c7d6e5bc36b
SHA1

968739d89f5eb87e9f86313a8877673b53e59cdb
SHA256

4fc3f83ba847ce6a88b6595de266f2b5be312dd42c301b8dfc330c67f57eef63
SHA512

2c86459d994a1a3fee00ec5aea519487d30264ccda9b72b3e4e2b8306d0ab0c4d1a4edfb0dab09873438671ecc72d4492e910076330d01b24c12c0d7d0d9f8a6
SSDEEP

384:yT/kDBGr98lSdndVtCbNQeHf/JNlaukfyH2yuXh7QDOnOnOQfuMK:yrjrNdVMOedeEJ+h7QU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b30c45ff1802050cf1959c7d6e5bc36b_JaffaCakes118

Files

b30c45ff1802050cf1959c7d6e5bc36b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

87ecfa8d5656e0acc5f7a27c9ec058b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp60

?pubseekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@JFF@Z
?do_compare@?$collate@D@std@@MBEHPBD000@Z
??_F?$moneypunct@G$00@std@@QAEXXZ
??4?$numeric_limits@M@std@@QAEAAV01@ABV01@@Z
?exp@std@@YA?AV?$complex@N@1@ABV21@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@ABV01@@Z
?max@?$numeric_limits@_N@std@@SA_NXZ
?_Init@?$messages@D@std@@IAEXABV_Locinfo@2@@Z
??4?$_Ctr@O@std@@QAEAAV01@ABV01@@Z
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??4?$complex@M@std@@QAEAAV01@ABV01@@Z
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ

query

??1CSort@@QAE@XZ
?PutWString@@YGXAAVPSerStream@@PBG@Z
?Clone@CRestriction@@QBEPAV1@XZ
?CloseRecord@CPropStoreManager@@QAEXPAVCCompositePropRecord@@@Z
?Next@CPropertyList@@UAEPBVCPropEntry@@XZ
??0CMmStream@@QAE@KH@Z
?SetDWORDParam@CCatalogAdmin@@QAEXPBGK@Z
??0CPropertyStoreWids@@QAE@AAVCPropStoreManager@@@Z
?SetLPWSTR@CStorageVariant@@QAEXPBGI@Z
??0CPerfMon@@QAE@PBG@Z
InitializeFILTERPerformanceData
?SetPhrase@CContentRestriction@@QAEXPBG@Z

opengl32

glPixelMapuiv
glPushClientAttrib
glNormalPointer
glListBase
glFogi
glTexCoord2fv
glInterleavedArrays
glTexCoord1s
glLoadMatrixd
glPushAttrib
wglRealizeLayerPalette
glTexParameteri
glFinish

crtdll

_ctype
floor
_environ_dll
_onexit
atof
_heapmin
tmpnam
_fmode_dll
vswprintf
_rmdir
_control87
_mbschr

kernel32

IsDBCSLeadByte
LZClose
GetCurrentProcessId
GetTickCount
RemoveLocalAlternateComputerNameA
CreateTimerQueue
VirtualFree
LocalFree
BackupRead
GetConsoleFontSize
GetConsoleNlsMode
EnumUILanguagesA
GetCurrentThreadId
SetConsoleFont
VirtualAlloc
QueryInformationJobObject
_lwrite
SetComPlusPackageInstallStatus
QueryPerformanceCounter

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 641B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87ecfa8d5656e0acc5f7a27c9ec058b9

Headers

DLL Characteristics

File Characteristics

Imports

msvcp60

query

opengl32

crtdll

kernel32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 1024B - Virtual size: 641B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 1024B - Virtual size: 641B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 3KB - Virtual size: 3KB