c77382d72cfc3f7f5a839c236824ac1a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c77382d72cfc3f7f5a839c236824ac1a_JaffaCakes118
Size

548KB
MD5

c77382d72cfc3f7f5a839c236824ac1a
SHA1

a6d2b411fc355e40c702f338690caf56ffac238c
SHA256

49e4127a3b79e7f02d77610a0c69e72c8477b33b8cb1950285f6ad0b6b1b74fa
SHA512

3f89d4dfef5466fbd2978f41d4dd0b33a3dce7144231ca763a43815e783e30511e94e2a56050547b6ec321753751e3cf372a05e2be084b1e7aaf75677ae85a1f
SSDEEP

6144:qGY+Ja4T9/NOmfBI0Rfnpf0M970Kh6JfQpN4vI:qGY+8W9/I0JZSK70F1QP4A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c77382d72cfc3f7f5a839c236824ac1a_JaffaCakes118

Files

c77382d72cfc3f7f5a839c236824ac1a_JaffaCakes118
.exe windows:6 windows x86 arch:x86

10c8301a56c96f1bbabc31d0557cb90e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleWindow
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringEx
HeapSize
GetStringTypeW
HeapReAlloc
HeapAlloc
RtlUnwind
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
IsProcessorFeaturePresent
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
Sleep
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
TerminateProcess
GetCommandLineA
GetLastError
SetLastError
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentProcess
CreateFileW

comdlg32

GetSaveFileNameW
PrintDlgW
PrintDlgExA
GetOpenFileNameA

glu32

gluErrorString
gluBeginCurve
gluQuadricCallback
gluLookAt
gluGetTessProperty

wsnmp32

ord103
ord200
ord902
ord999
ord104

wininet

HttpQueryInfoW
InternetFindNextFileW
InternetHangUp
HttpEndRequestW
InternetErrorDlg
FindFirstUrlCacheEntryExA

winmm

midiInMessage
mmioGetInfo
mmioRead

ws2_32

getsockname
getservbyname
WSAGetServiceClassInfoA
WSAEnumProtocolsA
WSASendTo
WSAEventSelect
__WSAFDIsSet
WPUCompleteOverlappedRequest
socket
select

wsock32

ord1142

ole32

OleRegEnumVerbs
OleLoad
PropStgNameToFmtId
CoIsHandlerConnected
CoMarshalInterface
CLIPFORMAT_UserMarshal

user32

SetWindowPos

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10c8301a56c96f1bbabc31d0557cb90e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

glu32

wsnmp32

wininet

winmm

ws2_32

wsock32

ole32

user32

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 3KB - Virtual size: 10KB

.rsrc Size: 363KB - Virtual size: 362KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 10KB

.rsrc
Size: 363KB - Virtual size: 362KB

.reloc
Size: 7KB - Virtual size: 6KB