bdc51185db3f1d2003750062d2194bd0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bdc51185db3f1d2003750062d2194bd0_JaffaCakes118
Size

141KB
MD5

bdc51185db3f1d2003750062d2194bd0
SHA1

4f7f4cad23acd932c8ab1454f2f6ab97669d36dc
SHA256

e6163f3503534ed1df32c275b574e29ec063f4a2e34142076c4aa59f12dae8b7
SHA512

16fed121f428c5defda74c30a55bece92e939ab0faabb2ec4ec9abd84c3829821cbc6b69e930e84c106255dd8ec3c8b04aff245410b2e6971c44d198b807f2ba
SSDEEP

3072:5CoFMhxXOfU935TV9iGxrNOvtot/E6hlqULHmDdL+fgrU:tzfO35p9L8vto26TqKHmDdMgr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdc51185db3f1d2003750062d2194bd0_JaffaCakes118

Files

bdc51185db3f1d2003750062d2194bd0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

56a582eeb253d0af5173681b3e098566

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
FileTimeToSystemTime
ExitThread
GetModuleHandleA
GetCurrentProcess
VirtualFree
OutputDebugStringA
EndUpdateResourceA
LoadLibraryW
TerminateThread
GetCurrentDirectoryA
lstrcpyW
DosDateTimeToFileTime
CreateEventA
CloseHandle
GetEnvironmentStringsW
SetHandleCount
lstrcpynA
GetStdHandle
CreateMutexA
SetEvent
GlobalAlloc
VirtualAlloc
GetThreadLocale
FreeEnvironmentStringsA
GetFileAttributesA
GetACP
GetStartupInfoW
VirtualProtect
GetConsoleMode
GetTimeFormatW
GetModuleFileNameW
GetProcAddress
CreateEventW

msvcrt

wcsrchr
_wcmdln
wcscmp
printf
atoi
tmpnam
__CxxFrameHandler
wcstol
wcstok
swscanf
strncpy
towupper
memcpy
memset
_wcsicmp
__setusermatherr
_wcsnicmp
toupper
_XcptFilter
_wtoi
wcsncpy

user32

IsWindow
CheckDlgButton
DestroyWindow
ReleaseCapture
SendMessageW
ScreenToClient
LoadCursorA
UnregisterClassW
GetParent
LoadImageW
GetMenuItemCount
LoadMenuW
RegisterClassA
GetCursorPos
ReleaseDC
wsprintfW
GetProcessWindowStation
MapWindowPoints
DialogBoxParamA
SetScrollPos
DispatchMessageW
CopyRect
SetCapture
BeginPaint
SendMessageA
ClientToScreen
LoadCursorW

gdi32

Rectangle
SetTextColor
CreateFontIndirectW
SetBkMode
CreateBitmap
TranslateCharsetInfo
StretchBlt
RestoreDC
PatBlt
CreateCompatibleDC

opengl32

GlmfBeginGlsBlock
glColor3ui
wglShareLists
glColor4i
glColor4f
glTexCoord2dv
glStencilMask
glTexCoord2d
glColor4d
glFogfv

Exports

Exports

VilJlhuQpanqTzh
YaNgetjMbklbzIawgzWns
AeKzzenVyzzq

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 262B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56a582eeb253d0af5173681b3e098566

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.crt Size: 512B - Virtual size: 72B

.rdata Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 115B

.data Size: 57KB - Virtual size: 56KB

.rsrc Size: 65KB - Virtual size: 64KB

.reloc Size: 512B - Virtual size: 262B

.text
Size: 14KB - Virtual size: 13KB

.crt
Size: 512B - Virtual size: 72B

.rdata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 115B

.data
Size: 57KB - Virtual size: 56KB

.rsrc
Size: 65KB - Virtual size: 64KB

.reloc
Size: 512B - Virtual size: 262B