f535697c0531b0e89d563a7aac1620bc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f535697c0531b0e89d563a7aac1620bc_JaffaCakes118
Size

5.4MB
MD5

f535697c0531b0e89d563a7aac1620bc
SHA1

8308d89c20220c241013dee5bda189847bd6d1d4
SHA256

d8175993bce09eb78b9d93372fcf5f67f06841bef37c8a7471b27c8751355fe2
SHA512

a95645117684521149f622428a29495039a6ee18f8e792e732926a1ba107c27e6ba6ec195039e9434aff88cc901169a7b899cd3c72502945599d8f8818eb4fd7
SSDEEP

98304:UaTqMO0V3cqQUQgQKCGlIpvQS+BVAKuG4kD+v1x8sk+4SZiNxjp5+0POAVslUx5D:UaTxpV3c3UxGQRvL4lv1me4NVp5J2Wn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f535697c0531b0e89d563a7aac1620bc_JaffaCakes118

Files

f535697c0531b0e89d563a7aac1620bc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

06836d2cb41e7a3f13efd3697f0c9953

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

d3d9

Direct3DCreate9

wininet

DeleteUrlCacheEntryW

winspool.drv

DocumentPropertiesW

comctl32

ImageList_GetImageInfo

shell32

SHGetMalloc

urlmon

URLDownloadToFileW

user32

MoveWindow
GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW

version

GetFileVersionInfoSizeW

oleaut32

SysFreeString

advapi32

RegSetValueExW

netapi32

NetWkstaGetInfo

msvcrt

memcpy

d3dx9_33

D3DXVec3Project

kernel32

GetVersion
GetVersionExW
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

ole32

IsEqualGUID

gdi32

Pie

wtsapi32

WTSSendMessageW

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 105KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 153B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 84B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06836d2cb41e7a3f13efd3697f0c9953

Headers

File Characteristics

Imports

d3d9

wininet

winspool.drv

comctl32

shell32

urlmon

user32

version

oleaut32

advapi32

netapi32

msvcrt

d3dx9_33

kernel32

ole32

gdi32

wtsapi32

Exports

Exports

Sections

.text Size: - Virtual size: 3.1MB

.itext Size: - Virtual size: 11KB

.data Size: - Virtual size: 48KB

.bss Size: - Virtual size: 105KB

.idata Size: - Virtual size: 14KB

.didata Size: - Virtual size: 3KB

.edata Size: - Virtual size: 153B

.tls Size: - Virtual size: 84B

.rdata Size: - Virtual size: 93B

.vmp0 Size: - Virtual size: 2.9MB

.vmp1 Size: 5.3MB - Virtual size: 5.3MB

.rsrc Size: 72KB - Virtual size: 71KB

.text
Size: - Virtual size: 3.1MB

.itext
Size: - Virtual size: 11KB

.data
Size: - Virtual size: 48KB

.bss
Size: - Virtual size: 105KB

.idata
Size: - Virtual size: 14KB

.didata
Size: - Virtual size: 3KB

.edata
Size: - Virtual size: 153B

.tls
Size: - Virtual size: 84B

.rdata
Size: - Virtual size: 93B

.vmp0
Size: - Virtual size: 2.9MB

.vmp1
Size: 5.3MB - Virtual size: 5.3MB

.rsrc
Size: 72KB - Virtual size: 71KB