ef708aa39e2e555004bd7e1ba87c396a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ef708aa39e2e555004bd7e1ba87c396a_JaffaCakes118
Size

861KB
MD5

ef708aa39e2e555004bd7e1ba87c396a
SHA1

23cae15420f85ff5b07cda7860bbe47095e94f6b
SHA256

1e5c17d11b2cdfc116b01b0d698d3e306dfa707c1da074e96266d998ca4ae0b0
SHA512

893d66664a64b24db8c7e0c9d27992e949bc02f377276cc3abe55b5dde106ed5962d489c444ca616cbd66068ebab3de70056eec7d34beee6f9c52c9543343973
SSDEEP

12288:DTV+Wllg64nkoweppJ+V4sh+DME1dCP/CVKQGKlp2zugmYPd5L:F+WllV+kowepp8uvDMgiS9nfgme7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef708aa39e2e555004bd7e1ba87c396a_JaffaCakes118

Files

ef708aa39e2e555004bd7e1ba87c396a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d9b2b1aa226a1481de831cc06f8b7936

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
VirtualAlloc
ReadConsoleInputA
VirtualLock
FindVolumeMountPointClose
ResetEvent
FatalExit
IsBadHugeReadPtr
GetDateFormatA
GlobalAlloc
lstrcmpA
AddConsoleAliasW
GetSystemDefaultLangID
SetLastError
LoadLibraryA
LocalAlloc
SetUnhandledExceptionFilter
GetSystemInfo
LZStart
GetTempPathW
SystemTimeToTzSpecificLocalTime
ReplaceFileA
OutputDebugStringA
GetOEMCP
GetLocaleInfoW
SetFileAttributesA
GetPrivateProfileSectionA
GetProfileStringA
WaitNamedPipeA
UpdateResourceW
WriteConsoleW
_lclose
GetExitCodeProcess
SignalObjectAndWait
DeleteFileA
GetACP

avifil32

AVIStreamStart
AVIGetFromClipboard
AVIFileWriteData
AVIStreamReadFormat
AVIStreamAddRef
AVIStreamWriteData
AVISave
AVIClearClipboard
AVIStreamInfoW
AVISaveVA
AVIFileInit
IID_IAVIEditStream
AVIFileInfo
AVIStreamReadData
EditStreamSetNameA
EditStreamPaste
AVISaveVW
CreateEditableStream
AVIFileInfoA
AVIBuildFilterA
AVISaveA
IID_IGetFrame
AVIFileOpen
EditStreamCopy
AVIStreamInfoA

opengl32

glDisableClientState
glTexGenf
glRasterPos4fv
glVertex3dv
glDebugEntry
GlmfEndPlayback
glRasterPos4d
glColor3dv
glGetMaterialiv
glColor4us
glMapGrid1f
glMaterialiv
glFogf
glIndexPointer
glGetIntegerv
glClearDepth
glColor3bv
glColor4iv
glMatrixMode
glColor4b
glPixelZoom
glIndexf
glTexCoordPointer
glPointSize
glTexGendv
glGetLightfv
glLineWidth
glIndexub
glDrawArrays
glTexCoord2d
glRasterPos2d
glVertex2sv
glVertex4dv
wglGetDefaultProcAddress
glDrawBuffer
glScalef
glFinish
glVertex2fv
glTexCoord3dv
glFogi

mfcsubs

??BCCriticalSection@@QAEPAU_RTL_CRITICAL_SECTION@@XZ
??0CString@@QAE@PBG@Z
?GetData@CStringArray@@QBEPBVCString@@XZ
?FreeExtra@CStringArray@@QAEXXZ
?data@CPlex@@QAEPAXXZ
??O@YG_NABVCString@@PBG@Z
?Compare@CString@@QBEHPBG@Z
?FreeDataChain@CPlex@@QAEXXZ
?InsertAt@CStringArray@@QAEXHPBGH@Z
?AfxA2WHelper@@YGPAGPAGPBDH@Z
?FormatMessageW@CString@@QAAXIZZ
?RemoveAll@CMapStringToPtr@@QAEXXZ
?ReleaseBuffer@CString@@QAEXH@Z
??YCString@@QAEABV0@D@Z
?GetBufferSetLength@CString@@QAEPAGH@Z
?SetAtGrow@CStringArray@@QAEXHPBG@Z
??_7CMapStringToPtr@@6B@
?FreeAssoc@CMapStringToPtr@@IAEXPAUCAssoc@1@@Z
?Format@CString@@QAAXIZZ
?Add@CStringArray@@QAEHPBG@Z
?SafeStrlen@CString@@KGHPBG@Z
??0CMapStringToPtr@@QAE@H@Z
?ConcatCopy@CString@@IAEXHPBGH0@Z
?Release@CString@@KGXPAUCStringData@@@Z
??_7CObject@@6B@
??P@YG_NPBGABVCString@@@Z
??0CString@@QAE@PBE@Z
??ACStringArray@@QAEAAVCString@@H@Z
??4CString@@QAEABV0@D@Z
??9@YG_NABVCString@@PBG@Z
?TrimLeft@CString@@QAEXXZ
?LookupKey@CMapStringToPtr@@QBEHPBGAAPBG@Z
??H@YG?AVCString@@ABV0@PBG@Z
?FormatV@CString@@IAEXPBGPAD@Z
?Find@CString@@QBEHG@Z
?TrimRight@CString@@QAEXXZ
??0CString@@QAE@PBGH@Z
?AfxW2AHelper@@YGPADPADPBGH@Z
??H@YG?AVCString@@ABV0@0@Z
??8@YG_NPBGABVCString@@@Z

gdi32

RemoveFontResourceA
EngLineTo
CreateColorSpaceA
ResetDCA
EngFillPath
DdEntry53
EngQueryLocalTime
GdiEntry4
CreateScalableFontResourceA
FloodFill
WidenPath
CreatePolygonRgn
STROBJ_bEnumPositionsOnly
SetDCPenColor
DdEntry37
ExtFloodFill
FrameRgn
GetTextMetricsA
CreateMetaFileA
Polyline
PlayEnhMetaFileRecord
GdiGetPageCount
FONTOBJ_pvTrueTypeFontFile
GdiEntry9
SetWindowOrgEx
GetEnhMetaFileDescriptionW
XFORMOBJ_iGetXform
GetColorAdjustment
PaintRgn

Sections

.text
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 334KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9b2b1aa226a1481de831cc06f8b7936

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

avifil32

opengl32

mfcsubs

gdi32

Sections

.text Size: 366KB - Virtual size: 366KB

.rdata Size: 334KB - Virtual size: 334KB

.data Size: 157KB - Virtual size: 1.6MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 366KB - Virtual size: 366KB

.rdata
Size: 334KB - Virtual size: 334KB

.data
Size: 157KB - Virtual size: 1.6MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1KB - Virtual size: 1KB