d98b920887f56b8e5ff79554e5b81def_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d98b920887f56b8e5ff79554e5b81def_JaffaCakes118
Size

173KB
MD5

d98b920887f56b8e5ff79554e5b81def
SHA1

9ff633a6e98caccedbbb4f168ffcda39abf7cc7b
SHA256

af8b0e54cc8cc3e6eab754389104e25a9ebb85ddc31b736038ab9a92a6c07fa3
SHA512

79412e94ad6bb56f40d09707dd253a70fd9620752436f4ef2819b70ce57ff2b5d324dcd95d7d0a11c0be47ec650b16c54740aa6c8a9ccbacf5f9cc765d06776e
SSDEEP

3072:KN2g/S4LOQ+ByIXGxL29DsEIou4BilOSWuRLh8eL/Ha:KNpfLOBByzI1ellOrMuez

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d98b920887f56b8e5ff79554e5b81def_JaffaCakes118

Files

d98b920887f56b8e5ff79554e5b81def_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2b9cf8ede474edd8fa9c4d7401123384

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AllocConsole
LocalAlloc
WriteConsoleOutputA
SetConsoleCursorInfo
ReleaseSemaphore
GlobalFindAtomW
SuspendThread
GetSystemInfo
GetTapeStatus
VDMOperationStarted
PostQueuedCompletionStatus
GlobalUnWire
SetEndOfFile
SetConsoleNumberOfCommandsW
ReadFile
FindFirstVolumeA
CommConfigDialogA
GetThreadLocale
GetPrivateProfileIntA
InterlockedFlushSList
SetErrorMode
BaseCheckAppcompatCache
UnregisterWaitEx
DelayLoadFailureHook
LZCopy
FileTimeToSystemTime
BeginUpdateResourceW
FillConsoleOutputCharacterW
GetStdHandle
SetThreadExecutionState
GetModuleHandleA
TransactNamedPipe
lstrcpyW
HeapReAlloc
BuildCommDCBA
SetSystemTime
GetVolumeNameForVolumeMountPointA
GetCurrentThread
WideCharToMultiByte
VirtualAlloc
LoadLibraryA
WriteFile
GetConsoleProcessList
CopyFileExA
GetCompressedFileSizeW
GetSystemWindowsDirectoryW
WritePrivateProfileSectionA
GetExitCodeThread
GetPrivateProfileIntW
LockResource
SetCalendarInfoA
GetProcessTimes
MoveFileExW
HeapLock
GetUserDefaultLCID
GetTapeParameters
ReplaceFileW
SetLocaleInfoW
SetComputerNameW
ClearCommError
GetCommandLineA
VerLanguageNameW
ResetWriteWatch
SetEnvironmentVariableA
RegisterConsoleIME
NlsGetCacheUpdateCount
GetMailslotInfo
GetNumaAvailableMemoryNode
lstrcmpi
GetBinaryTypeA
SetFileTime
SwitchToThread
EnumUILanguagesW
DeleteFileA
lstrcpynA
GetHandleInformation
GetDefaultCommConfigA

msi

MsiLocateComponentW
MsiGetUserInfoA
MsiSetFeatureStateW
MsiDatabaseIsTablePersistentA
MsiPreviewBillboardA
MsiConfigureFeatureFromDescriptorA
MsiProcessAdvertiseScriptW
MsiConfigureProductExW
MsiGetDatabaseState
MsiProvideComponentW
MsiProcessMessage
MsiOpenPackageExW
MsiConfigureProductW
MsiSetFeatureStateA
MsiGetPatchInfoW
MsiDatabaseMergeW
MsiRecordSetStreamA
MsiGetFileVersionW
MsiFormatRecordA
MsiEnumProductsW
MsiSourceListAddSourceW
MsiConfigureProductExA
MsiEnumComponentCostsW
MsiInstallProductA
MsiGetSourcePathA
MsiCollectUserInfoW
MsiGetComponentPathA
MsiGetLanguage
MsiDoActionA
MsiGetUserInfoW
MsiAdvertiseProductW
MsiNotifySidChangeW
MsiMessageBoxW

opengl32

glRectfv
glTexEnvi
glMaterialf
glGetTexLevelParameterfv
glTexGendv
glGetTexParameteriv
glTexCoord1dv
glTexCoord4sv
glColor3ubv
glRectdv
glPixelStoref
glViewport
glMateriali
glColor4d
glRasterPos2f
glGetDoublev
glVertex4dv
glTexGeniv
glVertex2f
glPointSize
glVertex2i
wglShareLists
glColor4uiv
glCallLists
glEvalCoord2f
glVertexPointer
glIndexd
glColorPointer
glLightfv
glEvalPoint2
glBitmap
glTexCoord1d
glPassThrough
glStencilMask
glColorMaterial
glClearStencil
glTexCoord2f
glVertex3iv

comsvcs

CoEnterServiceDomain
MiniDumpW
GetTrkSvrObject
CosGetCallContext
CoLeaveServiceDomain
GetMTAThreadPoolMetrics
RecycleSurrogate
CoLoadServices
CoCreateActivity
ComSvcsLogError
GetObjectContext
ComSvcsExceptionFilter
DispManGetContext
MTSCreateActivity
SafeRef
DllGetClassObject

msvcrt

_mbsnset
_toupper
_CIexp
_wfindfirst
_strnicmp
_wrename
_wgetcwd
__getmainargs
_aligned_malloc
_mbsnicmp
_adj_fdiv_m32
_tell
_fsopen
floor
_wtol
??9type_info@@QBEHABV0@@Z
_flsbuf
_mbbtombc
_spawnlpe
__crtGetStringTypeW
_finite
_adj_fdivr_m16i
strpbrk
getwc
toupper
atan2
_sys_nerr
__crtLCMapStringA
??4bad_typeid@@QAEAAV0@ABV0@@Z
_wfopen
_snprintf
??1bad_cast@@UAE@XZ
_resetstkoflw

olepro32

DllGetClassObject
OleIconToCursor
OleTranslateColor
OleCreatePropertyFrame
OleCreateFontIndirect
OleLoadPicture
OleCreatePictureIndirect
OleCreatePropertyFrameIndirect

user32

PostQuitMessage
DefWindowProcW
RegisterClassW

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b9cf8ede474edd8fa9c4d7401123384

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msi

opengl32

comsvcs

msvcrt

olepro32

user32

Sections

.text Size: 53KB - Virtual size: 53KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 82KB - Virtual size: 241KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 912B

.text
Size: 53KB - Virtual size: 53KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 82KB - Virtual size: 241KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 912B