d4ddbea73dfbfdcaa45c29bb33749973_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d4ddbea73dfbfdcaa45c29bb33749973_JaffaCakes118
Size

79KB
MD5

d4ddbea73dfbfdcaa45c29bb33749973
SHA1

7cda305c090f74c6703de092557d47cc285c6025
SHA256

434b530677ea21259bbe263b2af6950819ee1f51338cfe146df79b17e3b5c0c7
SHA512

11cf9d959c39f0d302e0f2ea81e27d5b2cc4a5351bae3d5afa3a45a1d4ef1c3b5a67b77ad71a4d8e90b35df9893ae811123fe31a8f3c464044680d93fd7bb784
SSDEEP

1536:pe4o8pDirxlqubsATA3FkrEDSTk2pp86k967eK1MXdSeO0vGBKDPK7nxXUdfj:pNrMllz9AqHNpT7ZmJ5eh7xXUZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4ddbea73dfbfdcaa45c29bb33749973_JaffaCakes118

Files

d4ddbea73dfbfdcaa45c29bb33749973_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44f8c4cd45d85fbef07c119e9eceb76f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryExA
VirtualAlloc
GetLastError
UnlockFile
CreatePipe
VirtualProtect
GetModuleHandleA
WriteProfileSectionW
CreateHardLinkA
FlushViewOfFile
MapViewOfFileEx
GetProcAddress
GetStringTypeW
InitAtomTable
CreateFileW
LoadLibraryA
ExitProcess
HeapFree
FlushFileBuffers
TlsGetValue
GetPrivateProfileSectionA
GetModuleHandleW

msvcrt

is_wctype
_wmktemp
_aexit_rtn
_strupr
_wstrdate
memcpy
_ui64toa
rewind
sqrt
memset
_ltoa
?terminate@@YAXXZ
_mbscspn
ispunct
_wspawnle
_dstbias

user32

IsClipboardFormatAvailable
ModifyMenuW
MonitorFromRect
GetClassLongW
GetMenu
TranslateMessage
LoadStringA
SetDlgItemTextW
GetWindowLongW
GetWindowTextLengthW
LoadAcceleratorsW
FindWindowW
IsWindowEnabled
UpdateWindow
EndDialog
EqualRect
RegisterClassExW
RealChildWindowFromPoint
SetDlgItemInt
DispatchMessageW
PrivateExtractIconsA

opengl32

glRasterPos3dv
glEvalCoord1f
glVertex3dv
glRasterPos2f
glGetClipPlane
glCullFace
glNormal3dv
wglGetDefaultProcAddress
glGetLightiv
glClearDepth
glRecti
glRenderMode
glGetMaterialfv
glClearStencil
glEdgeFlag
wglGetProcAddress

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sp
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sp0
Size: 1024B - Virtual size: 537B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sp1
Size: 512B - Virtual size: 22B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sp2
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sp3
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44f8c4cd45d85fbef07c119e9eceb76f

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

opengl32

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 1KB

.sp Size: 512B - Virtual size: 115B

.sp0 Size: 1024B - Virtual size: 537B

.sp1 Size: 512B - Virtual size: 22B

.sp2 Size: 512B - Virtual size: 69B

.sp3 Size: 512B - Virtual size: 57B

.rsrc Size: 35KB - Virtual size: 34KB

.reloc Size: 512B - Virtual size: 60B

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 1KB

.sp
Size: 512B - Virtual size: 115B

.sp0
Size: 1024B - Virtual size: 537B

.sp1
Size: 512B - Virtual size: 22B

.sp2
Size: 512B - Virtual size: 69B

.sp3
Size: 512B - Virtual size: 57B

.rsrc
Size: 35KB - Virtual size: 34KB

.reloc
Size: 512B - Virtual size: 60B