c130e95e0276805affd0f8b0d9de7afc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c130e95e0276805affd0f8b0d9de7afc_JaffaCakes118
Size

373KB
MD5

c130e95e0276805affd0f8b0d9de7afc
SHA1

e5e3d037f9d082ea6bec35aaf48fe8ffe92f4c3f
SHA256

1ff81c58ff3e3b5969708777bd3700539f8fc404e17ccd6624d00b86c9b50cbe
SHA512

cf7d3ddb73b44057dddb558fe57d798607e2ee95a14afceb4c107e6a2a49b7036ebfd0eee340012ef54c6bfdc7e62a715652de8cebf723b00793c52971fbc02a
SSDEEP

6144:0k3I9sVn4dYSp8dKJfhleVfDZoO32VgIxZh5Lyu9bcTe754aulZGWiqA9:0dswtJJleVLUuILh5rt754BaPqQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c130e95e0276805affd0f8b0d9de7afc_JaffaCakes118

Files

c130e95e0276805affd0f8b0d9de7afc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e5670115c53c15e29d18870edd5c0886

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

getenv
_unlink
_wtol
fgetwc
_mbsdec
_wcsnset
_mbsupr
iswlower
_toupper
_mbsnbcat
_mbctolower
_open
_global_unwind2
_mbcjistojms
labs
_sopen
wcstol
bsearch
ungetwc
_lsearch
log
_rmdir
_CItanh
is_wctype
_ismbckata
_ismbcl1
_ismbcl2
_CIcosh
__argc_dll
_osmajor_dll
iswdigit
_wcsupr
fputc
ceil
wcscmp
_ismbbkalnum
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
ferror
__threadid
_fcloseall
iswupper
_get_osfhandle
_purecall
_spawnlp
_beginthread
feof
_spawnv
_iob
_ismbcsymbol
_findnext
_aexit_rtn_dll
_utime
_write
_mkdir
atol
clock
strlen
_winminor_dll
strncmp
tmpnam
_sys_errlist
_getdllprocaddr
cos
qsort
_strdate
_fsopen
_mbscpy
_fputchar

opengl32

glColor4b
glColor3i
glRasterPos2d
glMateriali
glEvalMesh2
wglGetProcAddress
glGetMaterialiv
glColor4bv
glTexCoord4fv
glRotatef
glTexCoord2dv
glTexParameteri
glAccum
glVertex4d
glInitNames
glRasterPos4fv
glMap2d
glGetMapiv
glLogicOp
glColor4ui
wglGetLayerPaletteEntries
glColor4us
glRasterPos3f
glNormal3dv
GlmfBeginGlsBlock
glIndexMask
wglDescribeLayerPlane
glFrontFace
glRotated
glRectiv
glCopyTexSubImage1D
glIndexf
glIndexubv
glScalef
glTexCoord1i
glVertex2sv
glDeleteTextures
glColor3uiv
glRasterPos2f

kernel32

LocalCompact
SizeofResource
RtlCaptureContext
DeleteTimerQueue
CommConfigDialogW
VirtualAlloc
GetCurrentThread
SetConsoleWindowInfo
GetTempPathA
VirtualFree
MulDiv
GetStringTypeW
QueryInformationJobObject
GetEnvironmentStringsA
SetConsoleMaximumWindowSize
LocalFree
IsBadHugeWritePtr
GetDevicePowerState
RegisterWowBaseHandlers
GlobalAlloc
GetConsoleKeyboardLayoutNameA
DeleteAtom
QueryPerformanceCounter
MoveFileWithProgressW
FlushInstructionCache
RegisterWowExec
LoadLibraryA
GetProfileStringW
GetCalendarInfoW
Heap32Next
SetLastError
_llseek
GetUserGeoID
CopyFileExW

sqlunirl

_CallWindowProc@20
_WritePrivateProfileStruct_@20
_WriteConsoleInput_@16
_GetTabbedTextExtent_@20
_lstrcpy_@8
_CreatePropertySheetPage_@4
_QueryDosDevice_@12
_GetGlyphOutline_@28
_DeviceCapabilities_@20
_FindWindow_@8
_ExtTextOut@32
_IsDialogMessage@8
_GetVersionEx@4
_SetDefaultCommConfig_@12
_ModifyMenu_@20
_CreateDialogParam_@20
_EnumWindowStations_@8
_NDdeGetShareSecurity_@24
_GetBinaryType_@8
_GetUserName@8
_DefWindowProc@16
_NDdeShareAdd_@20
_RegSetValue_@20
_RegisterClassEx_@4
_InitiateSystemShutdown_@20
_CopyEnhMetaFile_@8
_DialogBoxParam_@20
_tsystem
_RegSetValueEx_@24
_SHGetPathFromIDList_@8
_EnumDisplaySettings_@12
_GetClassLong_@8
_ObjectCloseAuditAlarm_@12
_GetComputerName@8
_FindResource@12
_VerQueryValue_@16
_ClearEventLog_@8
_EnumDependentServices_@24
_IsCharAlphaNumeric_@4
_GetCharWidth_@16
_BeginUpdateResource_@8
_CreateDialogIndirectParam@20

clbcatq

GetComputerObject
InprocServer32FromString
UpdateFromAppChange
DeleteAllActivatorsForClsid
OpenComponentLibraryOnStreamEx
GetCatalogObject2
GetCatalogObject
UpdateFromComponentChange
ComPlusMigrate
SetSetupSave
OpenComponentLibraryEx
OpenComponentLibraryOnMemEx
SetupSave
ServerGetApplicationType
DllGetClassObject
GetSimpleTableDispenser
SetupOpen
CheckMemoryGates
ActivatorUpdateForIsRouterChanges
CLSIDFromStringByBitness
SetSetupOpen
DowngradeAPL
CoRegCleanup
CreateComponentLibraryEx

Sections

.text
Size: 105KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 504KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5670115c53c15e29d18870edd5c0886

Headers

File Characteristics

Imports

crtdll

opengl32

kernel32

sqlunirl

clbcatq

Sections

.text Size: 105KB - Virtual size: 108KB

.rdata Size: 152KB - Virtual size: 156KB

.data Size: 512B - Virtual size: 504KB

.rsrc Size: 112KB - Virtual size: 112KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 105KB - Virtual size: 108KB

.rdata
Size: 152KB - Virtual size: 156KB

.data
Size: 512B - Virtual size: 504KB

.rsrc
Size: 112KB - Virtual size: 112KB

.reloc
Size: 1KB - Virtual size: 4KB