b922b13f4ff1527bde3f8a90949fe185_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b922b13f4ff1527bde3f8a90949fe185_JaffaCakes118
Size

80KB
MD5

b922b13f4ff1527bde3f8a90949fe185
SHA1

68709379c67317067cf678609ad9bfc250e5177a
SHA256

5f8d595e5751032293e074c6c8bed148d831ee3b39b373cadc122f040c033f86
SHA512

900c80d05d8a26b05f265efbaeb0b7972490f72e3a7a39e6fbf02289f67a9fc0a7ab3ee307c45f29694389c2f02bae3dbf8af63c87ffe02b06da4ec682da1f4d
SSDEEP

1536:v/KL5dkBfw6WVLI3/KDJzXfFBCuUOF7twQxLmnwBdyWpdB/gdQPy:3KLwfZW8CxDFtfNdVgw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b922b13f4ff1527bde3f8a90949fe185_JaffaCakes118

Files

b922b13f4ff1527bde3f8a90949fe185_JaffaCakes118
.dll windows:4 windows x86 arch:x86

87f1ad44e4f6d9a3bfee52ee754e6e8a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
FreeLibrary
GetCommandLineA
InterlockedExchange
MapViewOfFile
MapViewOfFile
SystemTimeToFileTime
GetTimeFormatW
CreateFileW
VirtualAlloc
GetVersionExA
GetConsoleOutputCP
CreateDirectoryA
GetCurrentProcessId
ExitProcess
SetFilePointer
lstrcpynW
LoadLibraryA
HeapFree
GetLastError
GetProcAddress
DeviceIoControl
GetModuleHandleW
GetModuleHandleA
SetStdHandle
GetCurrentThreadId
Sleep
VirtualAlloc
CreateProcessA
GetCurrentThread
GlobalUnlock
GetTempFileNameW
GetSystemTime
DosDateTimeToFileTime
LoadLibraryA
ReadFile
GetVolumeInformationW
GetFileInformationByHandle

msvcrt

_snwprintf
strchr
memmove
_wtoi
wcstol
ispunct
wcscpy
_wcsicmp
_except_handler3
fflush
memcpy
strncpy
_onexit
toupper
_initterm
__CxxFrameHandler
_wtol
_XcptFilter
_vsnprintf
_exit
__getmainargs
fprintf
__wgetmainargs
malloc

user32

DestroyWindow
EnableMenuItem
CopyRect
TranslateAcceleratorW
IsWindow
SetScrollPos
ShowWindow
GetProcessWindowStation
SetForegroundWindow
EnumThreadWindows
ReleaseCapture
DefDlgProcW
SetWindowsHookExW
GetActiveWindow
SetFocus
GetFocus
DrawTextW
RedrawWindow
SetTimer
FillRect
LoadStringW
GetAsyncKeyState
CheckMenuItem
CheckDlgButton
BeginPaint
GetCapture
CharUpperW
DefWindowProcW

gdi32

TextOutW
ExtTextOutW
TranslateCharsetInfo
RealizePalette
RestoreDC
SelectPalette
GetTextExtentPoint32W
SetWindowExtEx
GetTextExtentPointW
SetBkMode
SetBkColor
CreatePalette
SaveDC
StretchBlt
GetObjectW
PatBlt

opengl32

glClearDepth

Exports

Exports

HsLzponRvblnGjrlgpm
RsqSjgblCxdynrgBb

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lsd0
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lsd1
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87f1ad44e4f6d9a3bfee52ee754e6e8a

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 88B

.lsd0 Size: 1KB - Virtual size: 1KB

.lsd1 Size: 1KB - Virtual size: 1KB

.rsrc Size: 66KB - Virtual size: 66KB

.reloc Size: 512B - Virtual size: 48B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 88B

.lsd0
Size: 1KB - Virtual size: 1KB

.lsd1
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 66KB - Virtual size: 66KB

.reloc
Size: 512B - Virtual size: 48B