c7a5b92368ba09691cd5f1341b60cbda_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c7a5b92368ba09691cd5f1341b60cbda_JaffaCakes118
Size

136KB
MD5

c7a5b92368ba09691cd5f1341b60cbda
SHA1

579c4e9cc18794496d0ac3322a4047492d51bd4f
SHA256

44b0e0b239a6924f88c6e88da9935d6c1f6479dbf0b02d4f93957bd96f17219c
SHA512

30395b5d165600c49b81306422f10dbf83d6892eae672896f36dc2e1d66b4f6949a606d29c56d94fda131eeedefd4eee851ef0bfb24e1bd3eb1712ba2882baeb
SSDEEP

3072:r924SxQ5Xznjs3w+ZPcPRcRUK3DKvNQSh9VSCfSP9stdy1:r9zQQ5Xznwr8Tvz/SESP9Qy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7a5b92368ba09691cd5f1341b60cbda_JaffaCakes118

Files

c7a5b92368ba09691cd5f1341b60cbda_JaffaCakes118
.dll windows:5 windows x86 arch:x86

da800435f81e3a2bb12cada4fcea73c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteTimerQueue
VirtualAlloc
ConvertDefaultLocale
VirtualFree
_lclose
GetStringTypeW
FreeLibrary
HeapAlloc
lstrlenA
ExitThread
ConvertFiberToThread
FindFirstFileW
VirtualProtect
LoadLibraryW
WriteConsoleW
GetWindowsDirectoryA
GetCurrentProcess
GetModuleHandleA
OutputDebugStringA
GetLastError
GetProcAddress

msvcrt

__p__fmode
__p__commode
__initenv
_c_exit
_exit
_purecall
isprint
wcslen
_controlfp
swprintf
_wtol
_wcmdln
_cexit
wcscat
wcscmp
__winitenv
_iob
_vsnprintf
swscanf
free
__CxxFrameHandler
_ftol
iswcntrl
strncpy
wcschr
_except_handler3
memcpy
malloc
_adjust_fdiv
wcscpy
__dllonexit
_snwprintf

user32

GetProcessWindowStation
ClientToScreen
CopyRect
DialogBoxParamA
ReleaseCapture
LoadImageW
GetCursorPos
LoadCursorW
UnregisterClassW
CheckDlgButton
GetParent
ScreenToClient
SetCapture
BeginPaint
RegisterClassA
ReleaseDC
IsWindow
DispatchMessageW
DestroyWindow
wsprintfW
GetMenuItemCount
LoadMenuW
SendMessageW
SendMessageA
MapWindowPoints
LoadCursorA
SetScrollPos

gdi32

Rectangle
CreateFontIndirectW
TranslateCharsetInfo
StretchBlt
SetBkMode
PatBlt
SetTextColor
RestoreDC
CreateCompatibleDC
CreateBitmap

opengl32

glColor4f
glFogfv
wglShareLists
glColor4i
glColor3ui
glColor4d
glTexCoord2dv
glStencilMask
glTexCoord2d
GlmfBeginGlsBlock

Exports

Exports

MbmUbbkdurQicmn
TfbufkePmbyvqk
ZwPszbjiePisetg

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da800435f81e3a2bb12cada4fcea73c1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.crt Size: 512B - Virtual size: 17B

.edata Size: 512B - Virtual size: 124B

.data Size: 55KB - Virtual size: 54KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 512B - Virtual size: 88B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.crt
Size: 512B - Virtual size: 17B

.edata
Size: 512B - Virtual size: 124B

.data
Size: 55KB - Virtual size: 54KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 512B - Virtual size: 88B