d9f86954f99a7c556a452997bb53890e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d9f86954f99a7c556a452997bb53890e_JaffaCakes118
Size

79KB
MD5

d9f86954f99a7c556a452997bb53890e
SHA1

7a9bcf035dc68f505c1fc60e208689fe39031598
SHA256

fc9f4669b158a8aea8daa878a85afd49e882a3f1d8ceabcabc20b9416055ccff
SHA512

b397701e79be093f20eab3de2810a304c9f2377ec22ace7ad6c5d9f7bdd68e5fec035f5036a6a545fa22ac4ad657b9606ef8e88c2a4068d639c97b88ad598c05
SSDEEP

1536:guzlpkJugYL668a1o020uylcsNDlBNFCxgu2mGE6:/ppw76H1syllNDl9Cxn2T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9f86954f99a7c556a452997bb53890e_JaffaCakes118

Files

d9f86954f99a7c556a452997bb53890e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d7d154d01215e10f1cff0350180515e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
OpenProfileUserMapping
MapViewOfFileEx
GetModuleHandleW
VirtualAlloc
WritePrivateProfileStructA
Heap32First
GetModuleHandleA
FreeLibraryAndExitThread
GetCompressedFileSizeA
InterlockedCompareExchange
FormatMessageA
GetVersion
GetLastError
GetLocaleInfoA
EnumResourceNamesA
CreateFileA
GetDriveTypeW
VirtualProtect
FindFirstFileW
IsBadHugeReadPtr
FindResourceW
LoadLibraryA
FindResourceExA
GetFullPathNameW
GetSystemInfo
WritePrivateProfileStructW
GetProcAddress

msvcrt

atol
_setmbcp
isupper
is_wctype
memset
ispunct
_setjmp
isspace
frexp
memcpy
wcsncat

user32

ReleaseDC
CheckMenuRadioItem
LoadStringW
GetClientRect
GetAncestor
GetFocus
UnregisterClassA
LoadStringA
EndDialog
SetMenuItemInfoW
PrivateExtractIconsW
ModifyMenuW
GetSystemMetrics
OpenClipboard
GetSysColor

opengl32

glBegin
wglDeleteContext
glColorMask
glColor3dv
wglSwapMultipleBuffers

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 857B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sp
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sp0
Size: 1024B - Virtual size: 537B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sp1
Size: 512B - Virtual size: 22B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sp2
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sp3
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d7d154d01215e10f1cff0350180515e

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

opengl32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 857B

.sp Size: 512B - Virtual size: 115B

.sp0 Size: 1024B - Virtual size: 537B

.sp1 Size: 512B - Virtual size: 22B

.sp2 Size: 512B - Virtual size: 69B

.sp3 Size: 512B - Virtual size: 57B

.rsrc Size: 35KB - Virtual size: 34KB

.reloc Size: 512B - Virtual size: 92B

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 857B

.sp
Size: 512B - Virtual size: 115B

.sp0
Size: 1024B - Virtual size: 537B

.sp1
Size: 512B - Virtual size: 22B

.sp2
Size: 512B - Virtual size: 69B

.sp3
Size: 512B - Virtual size: 57B

.rsrc
Size: 35KB - Virtual size: 34KB

.reloc
Size: 512B - Virtual size: 92B