ebc2df6b10c8ed39600fff950801685a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ebc2df6b10c8ed39600fff950801685a_JaffaCakes118
Size

32KB
MD5

ebc2df6b10c8ed39600fff950801685a
SHA1

bb3c94cea8de47484a2a11e81b3a86fbda80843a
SHA256

d5c01525cd9ac3a569c9d4251be5456888c852337ea4b8a974a486da320117a6
SHA512

86d431b4b432c361b6658331adda5cd74053151dfab57f5ca1e9e36254df70f3ac51785490ab2db7b0c742e2bfb1dcf34326a10a8c1fe2bcc86c24c937447647
SSDEEP

768:81lEnJEOj7CVgNX1dHekuSuQFdO4kPM+J9n8Z:8QJEOj7jNl1ekuCOO29+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebc2df6b10c8ed39600fff950801685a_JaffaCakes118

Files

ebc2df6b10c8ed39600fff950801685a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da422874106a92731daef239781a5e28

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
GetProcAddress
MapViewOfFileEx
GetLastError
LoadLibraryA
FlushViewOfFile
CreateFiber
GetLocaleInfoA
VirtualProtect
GetModuleHandleA
ExitProcess
FindResourceExW
GetModuleHandleW
Sleep
GetAtomNameA
SwitchToFiber
MoveFileW
CreatePipe
IsDBCSLeadByte
VirtualAlloc
VerSetConditionMask
FlushFileBuffers

msvcrt

vprintf
_ismbcalnum
_adj_fdiv_m64
_kbhit
_mbsnbicmp
memset
wscanf
_heapchk
_mbcjmstojis
_execvp
ispunct
_expand
memcpy
_ismbbgraph
is_wctype

user32

GetWindowLongW
RealChildWindowFromPoint
CharNextA
SetCursor
DefWindowProcW
PrivateExtractIconsA
EndDialog
LoadStringA
SetWindowPlacement
SetWindowLongW
ModifyMenuW
EnableWindow
GetClassLongW

gdi32

MoveToEx
SetStretchBltMode
GetPixel
SetPixel
SetBkColor
SetViewportExtEx
GetBrushOrgEx
GetRgnBox
GetObjectW
CreateDIBSection
CreateRectRgn
GetCurrentObject
LineTo
Polygon
SetPaletteEntries
GetTextExtentPoint32W
GetPaletteEntries
CreateFontIndirectW

opengl32

glEvalCoord1dv
glLightModeli
glStencilMask
glDepthMask
glGetMapiv
wglSwapBuffers
wglCreateContext

Exports

Exports

WufzuNpnknbnXdyodxy
AgrahzhRazsQubtuxcHv
PfKvfeBwupIw

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xpi
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ixp
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pixi
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da422874106a92731daef239781a5e28

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 4KB

.xpi Size: 1024B - Virtual size: 644B

.ixp Size: 512B - Virtual size: 17B

.pixi Size: 1024B - Virtual size: 836B

.rsrc Size: 65KB - Virtual size: 65KB

.reloc Size: 512B - Virtual size: 62B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 4KB

.xpi
Size: 1024B - Virtual size: 644B

.ixp
Size: 512B - Virtual size: 17B

.pixi
Size: 1024B - Virtual size: 836B

.rsrc
Size: 65KB - Virtual size: 65KB

.reloc
Size: 512B - Virtual size: 62B