f00b9d11edb34eed74c7fb5f3fe5f1d3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f00b9d11edb34eed74c7fb5f3fe5f1d3_JaffaCakes118
Size

152KB
MD5

f00b9d11edb34eed74c7fb5f3fe5f1d3
SHA1

6a59b760e4e6d3f14cbc61c2004b22e6d75338b8
SHA256

2a8044979bb0927811c3f821ad23c5c7b6334dda5b30195acb98febf72fafae4
SHA512

021df6e3e85133642007f90e9104d199787de08e9b0e3d9a37c602db92fb456eb952541219134ec39fecd3b56fa4631691498e06f8958b17e7e897900f9cf0ae
SSDEEP

3072:8A9Dw5k52oAZ+OdrqtgW6h07yyHGI5mEeU/WeK6xMyHi9woTkmrPI7:82Dw5+AM/n7THcbyWeKGa9Drw7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f00b9d11edb34eed74c7fb5f3fe5f1d3_JaffaCakes118

Files

f00b9d11edb34eed74c7fb5f3fe5f1d3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fab53ad6f7e243a009c20c330eb5ebd9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawTextW
LoadKeyboardLayoutEx
DdeCreateStringHandleA
SetWindowTextW
WaitMessage
MessageBoxTimeoutW
GetGuiResources
InvertRect
GetDlgCtrlID
DrawCaptionTempW
EndTask
GetRawInputDeviceInfoA
SetSystemMenu
GetMessageTime
LoadStringA
InSendMessageEx
IsCharAlphaNumericA
ScrollChildren
GetMenu
OffsetRect
SetScrollInfo
GetKeyboardType
CreateWindowExA
RealGetWindowClass
LoadCursorW
DefMDIChildProcW
MenuWindowProcW
MapDialogRect
EnableMenuItem
EnableWindow
SwitchDesktop
RealGetWindowClassA
CreateIcon

msvcrt40

wcsncat
isxdigit
_kbhit
_mbsnbicmp
memset
??4Iostream_init@@QAEAAV0@ABV0@@Z
?basefield@ios@@2JB
abort
?attach@filebuf@@QAEPAV1@H@Z
_wmakepath
_pctype
sin
_memicmp
_strdate
??0__non_rtti_object@@QAE@ABV0@@Z
memmove
_wcsrev
??_7streambuf@@6B@
__STRINGTOLD
?pcount@strstream@@QBEHXZ
??_Gstdiostream@@UAEPAXI@Z
??4ostream@@IAEAAV0@PAVstreambuf@@@Z
__p___mb_cur_max
?width@ios@@QAEHH@Z
?setbuf@ofstream@@QAEPAVstreambuf@@PADH@Z
feof
__p__timezone
??0ostream_withassign@@QAE@PAVstreambuf@@@Z
__p__iob
??0ostream_withassign@@QAE@XZ
??0strstream@@QAE@ABV0@@Z
_ismbcspace
?stossc@streambuf@@QAEXXZ
?ignore@istream@@QAEAAV1@HH@Z
?tie@ios@@QBEPAVostream@@XZ
iswpunct
_beginthreadex
_set_error_mode

kernel32

IsDebuggerPresent
VirtualAlloc
EnumDateFormatsW
FindVolumeClose
CreateDirectoryA
_lclose
EnumSystemCodePagesW
DeleteFiber
CreateSemaphoreA
ReplaceFileW
AddLocalAlternateComputerNameW
GetConsoleTitleW
SetConsolePalette
GetConsoleAliasesA
LockFile
LoadLibraryA
SetDefaultCommConfigW
GetSystemWindowsDirectoryW
GetNamedPipeInfo
GetConsoleAliasA
MapViewOfFileEx
QueueUserWorkItem
GetConsoleAliasesW
GetProcessWorkingSetSize
LeaveCriticalSection
EnterCriticalSection
DeleteVolumeMountPointW
SetLastConsoleEventActive
DeleteVolumeMountPointA
GetSystemDefaultLCID
DelayLoadFailureHook
FindResourceW
IsValidCodePage
GetUserDefaultLCID
_lcreat
FoldStringA
LocalHandle
GlobalDeleteAtom
GetProcessHeap
EnumSystemGeoID
SetConsoleNlsMode
WriteConsoleInputA
LocalReAlloc
ReadProcessMemory
CreateFileW
GetSystemWindowsDirectoryA
WriteConsoleInputW

msvcp60

?_Doraise@length_error@std@@MBEXXZ
?do_grouping@?$numpunct@G@std@@MBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
mbrlen
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
?open@?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAEXPBDH@Z
??_7bad_cast@std@@6B@
??8std@@YA_NABOABV?$complex@O@0@@Z
_Nan
_Stold
?max@?$numeric_limits@G@std@@SAGXZ
??_D?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXXZ
?denorm_min@?$numeric_limits@F@std@@SAFXZ
??Gstd@@YA?AV?$complex@M@0@ABV10@0@Z
?imag@?$_Complex_base@M@std@@QAEMABM@Z
?round_error@?$numeric_limits@G@std@@SAGXZ
?do_truename@?$numpunct@D@std@@MBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0out_of_range@std@@QAE@ABV01@@Z
?pow@std@@YA?AV?$complex@N@1@ABV21@ABN@Z
?atan2@?$_Ctr@O@std@@SAOOO@Z
?_Id_cnt@id@locale@std@@0HA
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?width@ios_base@std@@QBEHXZ
_FDscale
_Strxfrm
?ends@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z

glu32

gluTessNormal
gluBeginTrim
gluNewTess
gluGetTessProperty
gluPartialDisk
gluBeginSurface
gluTessBeginPolygon
gluLookAt
gluEndCurve
gluErrorString
gluCylinder
gluPerspective
gluLoadSamplingMatrices
gluPwlCurve
gluQuadricTexture
gluDisk
gluTessEndContour
gluGetString
gluNurbsCurve
gluSphere
gluDeleteNurbsRenderer
gluDeleteQuadric
gluTessProperty
gluQuadricOrientation
gluNurbsSurface
gluErrorUnicodeStringEXT
gluTessCallback
gluTessEndPolygon
gluUnProject
gluNewNurbsRenderer
gluOrtho2D
gluQuadricNormals
gluScaleImage
gluBeginPolygon
gluBuild2DMipmaps
gluTessVertex
gluNextContour
gluEndTrim
gluProject
gluBeginCurve

gdi32

GetCharABCWidthsW
SwapBuffers
SetSystemPaletteUse
GetOutlineTextMetricsW
SetLayoutWidth
DdEntry52
EngStrokePath
GetCharacterPlacementW
SetICMMode
GdiGetLocalBrush
DdEntry21
CreatePolygonRgn
CloseEnhMetaFile
GetMetaFileW
GdiConsoleTextOut
ArcTo
GetGlyphOutline
EngStrokeAndFillPath
EngFillPath
FONTOBJ_cGetGlyphs
Chord
GetTextMetricsA
CreateHatchBrush
DdEntry8
FloodFill
GetEnhMetaFileA
DdEntry11
GetGlyphIndicesA
HT_Get8BPPFormatPalette
GetGlyphOutlineW
GdiFlush
Polyline
ResetDCW
SetPixel
GetSystemPaletteUse
CancelDC
CheckColorsInGamut
ModifyWorldTransform
GetCharABCWidthsI
CreateFontIndirectExW
GetDCPenColor
GdiConvertBitmapV5
ExtFloodFill

lz32

CopyLZFile
LZOpenFileA
LZSeek
LZStart
LZClose
LZCopy
GetExpandedNameA
LZInit
LZCloseFile
LZDone
LZOpenFileW
LZRead

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fab53ad6f7e243a009c20c330eb5ebd9

Headers

DLL Characteristics

File Characteristics

Imports

user32

msvcrt40

kernel32

msvcp60

glu32

gdi32

lz32

Sections

.text Size: 62KB - Virtual size: 62KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 57KB - Virtual size: 237KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 62KB - Virtual size: 62KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 57KB - Virtual size: 237KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B