bc080acb08b603b1871673248b888e25_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bc080acb08b603b1871673248b888e25_JaffaCakes118
Size

80KB
MD5

bc080acb08b603b1871673248b888e25
SHA1

3ff6304274bfc9dcae8dd779b49f21495a4cdf40
SHA256

bbd7b82fc3c213aac7b8774cf200b990f79d924ba064bf0592760f8f187da3c3
SHA512

1548561226ffacdce2e66d6da31a33f6ce51efe0bced690819b6d729e698fc608f50c27836483342a513702a849c7ba9373cb783331afa21ef49f742463eefc0
SSDEEP

1536:vHBv/1bsXs7JtrhYMoo9zFVuCrJ0xI2JAh6e4fHBNyt/j4UiaV:F1bsXurXFVu9B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc080acb08b603b1871673248b888e25_JaffaCakes118

Files

bc080acb08b603b1871673248b888e25_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e088ad3fa0fc2097075f7bde310639d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
FreeLibrary
GetCommandLineA
InterlockedExchange
MapViewOfFile
MapViewOfFile
SystemTimeToFileTime
GetTimeFormatW
CreateFileW
VirtualAlloc
GetVersionExA
GetConsoleOutputCP
CreateDirectoryA
GetCurrentProcessId
ExitProcess
SetFilePointer
lstrcpynW
LoadLibraryA
HeapFree
GetLastError
GetProcAddress
DeviceIoControl
GetModuleHandleW
GetModuleHandleA
SetStdHandle
GetCurrentThreadId
Sleep
VirtualAlloc
CreateProcessA
GetCurrentThread
GlobalUnlock
GetTempFileNameW
GetSystemTime
DosDateTimeToFileTime
LoadLibraryA
ReadFile
GetVolumeInformationW
GetFileInformationByHandle

msvcrt

_snwprintf
strchr
memmove
_wtoi
wcstol
is_wctype
wcscpy
_wcsicmp
_except_handler3
fflush
memcpy
strncpy
_onexit
toupper
_initterm
__CxxFrameHandler
_wtol
_XcptFilter
_vsnprintf
_exit
__getmainargs
fprintf
__wgetmainargs
malloc

user32

DestroyWindow
EnableMenuItem
CopyRect
TranslateAcceleratorW
IsWindow
SetScrollPos
ShowWindow
GetProcessWindowStation
SetForegroundWindow
EnumThreadWindows
ReleaseCapture
DefDlgProcW
SetWindowsHookExW
GetActiveWindow
SetFocus
GetFocus
DrawTextW
RedrawWindow
SetTimer
FillRect
LoadStringW
GetAsyncKeyState
CheckMenuItem
CheckDlgButton
BeginPaint
GetCapture
CharUpperW
DefWindowProcW

gdi32

TextOutW
ExtTextOutW
TranslateCharsetInfo
RealizePalette
RestoreDC
SelectPalette
GetTextExtentPoint32W
SetWindowExtEx
GetTextExtentPointW
SetBkMode
SetBkColor
CreatePalette
SaveDC
StretchBlt
GetObjectW
PatBlt

opengl32

glClearDepth

Exports

Exports

ZjVlbinVuzrOnbzjiGyn
Woafrev
WayeIvwjvgzSj

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lsd0
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lsd1
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e088ad3fa0fc2097075f7bde310639d

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 88B

.lsd0 Size: 1KB - Virtual size: 1KB

.lsd1 Size: 1KB - Virtual size: 1KB

.rsrc Size: 66KB - Virtual size: 66KB

.reloc Size: 512B - Virtual size: 48B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 88B

.lsd0
Size: 1KB - Virtual size: 1KB

.lsd1
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 66KB - Virtual size: 66KB

.reloc
Size: 512B - Virtual size: 48B