efeb2160a778527ac41a67c9ef99d63a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

efeb2160a778527ac41a67c9ef99d63a_JaffaCakes118
Size

122KB
MD5

efeb2160a778527ac41a67c9ef99d63a
SHA1

56b077a9d029bd78e17a6b51a88d3ca489fa1fa4
SHA256

1402ad64b53735851bf0e7b848de51a00f680c9d52d8a3d689926ca3c7973a80
SHA512

141a8fa37d1ae18140273350a256240ffb3e52685fec5f4853c1280161f17393f2b5a6a09810cea78f8d545059fcf8b27b77a4b5d714e46d89814b1d53a35d8f
SSDEEP

3072:WwRJRWn4w4uOcgd1N0YqTIdWYZR1EOsa0gA8xETQusHBY:WwzBxrtR1nX6TQlY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efeb2160a778527ac41a67c9ef99d63a_JaffaCakes118

Files

efeb2160a778527ac41a67c9ef99d63a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2860b067126b40e3d2d21f03fa6a739e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CheckRemoteDebuggerPresent
GetWindowsDirectoryA
_lclose
FreeLibrary
HeapAlloc
CreateMutexA
FindFirstFileW
ClearCommBreak
GetStringTypeW
WriteConsoleW
ExitThread
GetModuleHandleA
GetCurrentProcess
VirtualFree
GetProcAddress
GetLastError
VirtualAlloc
VirtualProtect
LoadLibraryW
OutputDebugStringA
lstrlenA

msvcrt

_ftol
_exit
wcscpy
_snwprintf
_wcmdln
__winitenv
malloc
__p__fmode
_iob
_controlfp
__dllonexit
swprintf
memcpy
wcschr
strncpy
islower
free
_purecall
_c_exit
_except_handler3
wcscat
__p__commode
_cexit
wcscmp
_adjust_fdiv
__initenv
_wtol
wcslen
__CxxFrameHandler
_vsnprintf
swscanf

user32

SendMessageA
LoadImageW
CopyRect
ReleaseDC
GetCursorPos
CheckDlgButton
GetProcessWindowStation
RegisterClassA
BeginPaint
ScreenToClient
ReleaseCapture
SetCapture
UnregisterClassW
SendMessageW
LoadMenuW
SetScrollPos
LoadCursorA
DialogBoxParamA
DestroyWindow
wsprintfW
IsWindow
GetParent
DispatchMessageW
MapWindowPoints
LoadCursorW
GetMenuItemCount
ClientToScreen

shell32

SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHGetFolderPathW

opengl32

GlmfBeginGlsBlock
glColor3ui
glTexCoord2dv
wglShareLists
glTexCoord2d
glStencilMask
glColor4i
glColor4d
glColor4f
glFogfv

Exports

Exports

KmmbTobyhhTytqsGf
BxsUoytkpPsl
TanudMqnek

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 98B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2860b067126b40e3d2d21f03fa6a739e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

shell32

opengl32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 124B

.crt Size: 512B - Virtual size: 17B

.data Size: 69KB - Virtual size: 69KB

.rsrc Size: 32KB - Virtual size: 31KB

.reloc Size: 512B - Virtual size: 98B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 124B

.crt
Size: 512B - Virtual size: 17B

.data
Size: 69KB - Virtual size: 69KB

.rsrc
Size: 32KB - Virtual size: 31KB

.reloc
Size: 512B - Virtual size: 98B