bef9b8fd532247fa1223a1f08a00a544_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bef9b8fd532247fa1223a1f08a00a544_JaffaCakes118
Size

22KB
MD5

bef9b8fd532247fa1223a1f08a00a544
SHA1

76b01fcf9c975974025f35f91c2c42fb944816c3
SHA256

17accb5a020f64e253c5a811fc95f5795391ba35f155004878c2788209dc0590
SHA512

be3dedd28717b8634f5a36d3ab52ede6f4185f141aebde130780b1d44a53050f6f7056594db9d06e268d2c521bd5cbaf5e336c794460899f6f0119fd708e47a7
SSDEEP

384:D70SnBIYUzSrD+dZJlRiucmuC+8eR3dlwNKFtr1lcflP9HO/YCdU+K:D7XBOzoDcfl3R78dlwEh0lluNy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bef9b8fd532247fa1223a1f08a00a544_JaffaCakes118

Files

bef9b8fd532247fa1223a1f08a00a544_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bebdf6f3139aa33f47fbe1edcd476cd0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
RemoveMenu
DdeConnectList
DispatchMessageW
SetFocus
GetMenuItemID
SetClassLongA
BroadcastSystemMessageExW
DlgDirListComboBoxW
EnumDisplaySettingsExA
LoadCursorFromFileA
AppendMenuA
CallMsgFilterW
ScrollWindowEx
GetMenu
ArrangeIconicWindows
DialogBoxParamA

mmcbase

?ScFromMMC@@YG?AVSC@mmcerror@@J@Z
?FormatErrorShort@@YGXVSC@mmcerror@@IPAG@Z
?FromLastError@SC@mmcerror@@QAEAAV12@XZ
?s_hWnd@SC@mmcerror@@0PAUHWND__@@A
?LastRefReleased@CMMCStrongReferences@@SG_NXZ
?FatalError@SC@mmcerror@@QBEXXZ
?s_dwMainThreadID@SC@mmcerror@@0KA
?MMCErrorBox@@YGHVSC@mmcerror@@I@Z
?MMCUpdateRegistry@@YGJHPBVCObjectRegParams@@PBVCControlRegParams@@@Z
?GetCode@SC@mmcerror@@QBEJXZ
?GetEventBuffer@@YGAAVCEventBuffer@@XZ
?s_hInst@SC@mmcerror@@0PAUHINSTANCE__@@A

security

InitializeSecurityContextW
QueryCredentialsAttributesW
ApplyControlToken
EnumerateSecurityPackagesA
AddSecurityPackageW
DecryptMessage
DeleteSecurityPackageW
AcquireCredentialsHandleW
EncryptMessage
ImportSecurityContextW
ExportSecurityContext
VerifySignature
InitializeSecurityContextA
DeleteSecurityPackageA

kernel32

MulDiv
GetTickCount
CallNamedPipeA
DeleteVolumeMountPointW
LoadLibraryA
GetLongPathNameW
VirtualAlloc
CancelTimerQueueTimer
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetVolumePathNamesForVolumeNameA
GetCommConfig
_llseek
SetVolumeMountPointA
GetLocaleInfoA
ReadConsoleOutputA
RtlMoveMemory

opengl32

glLogicOp
glGetTexParameteriv
glSelectBuffer
glPopName
glTexCoord4f
glReadBuffer
glLightfv
glEdgeFlagv
glTexCoord2d
glTranslated
glNormalPointer
glGetMapdv
glFogiv
glTexCoord4s
glIndexd
glColor3us
glGetMaterialiv
glEndList

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 654B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bebdf6f3139aa33f47fbe1edcd476cd0

Headers

DLL Characteristics

File Characteristics

Imports

user32

mmcbase

security

kernel32

opengl32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 1024B - Virtual size: 654B

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 1024B - Virtual size: 654B

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB