f9a350a100d29f771fd36e4533f076c8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f9a350a100d29f771fd36e4533f076c8_JaffaCakes118
Size

21KB
MD5

f9a350a100d29f771fd36e4533f076c8
SHA1

60341fe8654581a5f1bae290e96182e4ec478594
SHA256

e37f2b99ec6b6088d61ebfcf21c900b5a051d95d44b5bed554e672024d211f3f
SHA512

b607272531bade78f9d28395f4c7da7eeaf798be3d059b764c6197becd284ba76e21d774ab8d8056c223cff5fce72154584b89f85be9c0aaf76f11425678b099
SSDEEP

384:TDweu9VL6OiKgetOP6qLzVsYyPIJ0bVoeAFFizb/kC5WIjqqQiK:TDweu9VL6O1geoiqLzVsYyi0Oozb/JAn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9a350a100d29f771fd36e4533f076c8_JaffaCakes118

Files

f9a350a100d29f771fd36e4533f076c8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d884c32d4b0f1dbffef6e3114c28cf9f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glIndexPointer
wglCreateLayerContext
glArrayElement
glNormalPointer
glTranslatef
glMapGrid2f
glSelectBuffer
glTexParameterfv
glPolygonOffset
glListBase
glHint
glStencilMask
glPopAttrib

expsrv

rtBstrFromErrVar
__vbaVarIndexLoadRef
__vbaVarSetUnk
__vbaVarCmpNe
rtcEndOfFile
__vbaStrAryToUnicode
__vbaFpR8
__vbaVarForInit
rtcRightVar
rtcGetCurrentCalendar
__vbaCyErrVar
TipInvokeMethod

w32topl

ToplFree
ToplDeleteSpanningTreeEdges
ToplGraphInit
ToplListFree
ToplScheduleCacheDestroy
ToplHeapInsert
ToplEdgeGetFromVertex
ToplIterAdvance
ToplEdgeSetVtx
ToplAddEdgeToGraph
ToplSTHeapAdd
ToplGraphFindEdgesForMST
ToplListRemoveElem
ToplEdgeSetToVertex

kernel32

GetDateFormatA
GetCurrentProcessId
DeleteAtom
GetFirmwareEnvironmentVariableW
lstrcat
FileTimeToLocalFileTime
CreateFiberEx
GetTickCount
QueryPerformanceCounter
GetFileType
SearchPathW
VirtualAlloc
GetNumberOfConsoleInputEvents
CreateTapePartition
BeginUpdateResourceW
FatalExit
CallNamedPipeA
_lread
GetCurrentThreadId
ReadDirectoryChangesW

ntdll

RtlNumberOfSetBits
NtFindAtom
ZwQueryIoCompletion
NtDebugActiveProcess
RtlCopySid
DbgUiDebugActiveProcess
RtlCharToInteger
_allshr
RtlQueryAtomInAtomTable
RtlSubAuthorityCountSid
RtlMapGenericMask
RtlCreateSystemVolumeInformationFolder
RtlCompactHeap
RtlSetLastWin32Error
NtInitializeRegistry
NtLoadKey2
ZwDeleteAtom

msvcrt20

wscanf
wcsstr
_tcsicmp
??1strstreambuf@@UAE@XZ
_fpclass
??0filebuf@@QAE@H@Z
_mtlock
_isctype
_lrotr
_tcsncicmp
__p___argv
_except_handler3
_strtime
wcsrchr
_mbsspnp

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 646B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d884c32d4b0f1dbffef6e3114c28cf9f

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

expsrv

w32topl

kernel32

ntdll

msvcrt20

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 1024B - Virtual size: 646B

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 1024B - Virtual size: 646B

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 3KB