0280f1688c3e395883cb4219536092a3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0280f1688c3e395883cb4219536092a3_JaffaCakes118
Size

136KB
MD5

0280f1688c3e395883cb4219536092a3
SHA1

ba4ba139974a2c3335c03e9de05757607c6b6663
SHA256

bd0bade289dcfa6c84fb27f36bd563719cd990ecce7d98bacb5bde70b32969ed
SHA512

4bd794be05d7a3a22bc5ddfeb2f1b4e27aa1ecbc7cfa601be3b02d33b1e0720a850c595a60dcb7576d98fb578dc2d0074a5642cc7c4c6d5d7a582b53982899e8
SSDEEP

3072:MUBQM7f4vaYjFUk3uMxqZYPfwwnGmMua:MU6kCfFUOEqPfrGmQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0280f1688c3e395883cb4219536092a3_JaffaCakes118

Files

0280f1688c3e395883cb4219536092a3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

da800435f81e3a2bb12cada4fcea73c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteTimerQueue
VirtualAlloc
ConvertDefaultLocale
VirtualFree
_lclose
GetStringTypeW
FreeLibrary
HeapAlloc
lstrlenA
ExitThread
ConvertFiberToThread
FindFirstFileW
VirtualProtect
LoadLibraryW
WriteConsoleW
GetWindowsDirectoryA
GetCurrentProcess
GetModuleHandleA
OutputDebugStringA
GetLastError
GetProcAddress

msvcrt

__p__fmode
__p__commode
__initenv
_c_exit
_exit
_purecall
isprint
wcslen
_controlfp
swprintf
_wtol
_wcmdln
_cexit
wcscat
wcscmp
__winitenv
_iob
_vsnprintf
swscanf
free
__CxxFrameHandler
_ftol
iswcntrl
strncpy
wcschr
_except_handler3
memcpy
malloc
_adjust_fdiv
wcscpy
__dllonexit
_snwprintf

user32

GetProcessWindowStation
ClientToScreen
CopyRect
DialogBoxParamA
ReleaseCapture
LoadImageW
GetCursorPos
LoadCursorW
UnregisterClassW
CheckDlgButton
GetParent
ScreenToClient
SetCapture
BeginPaint
RegisterClassA
ReleaseDC
IsWindow
DispatchMessageW
DestroyWindow
wsprintfW
GetMenuItemCount
LoadMenuW
SendMessageW
SendMessageA
MapWindowPoints
LoadCursorA
SetScrollPos

gdi32

Rectangle
CreateFontIndirectW
TranslateCharsetInfo
StretchBlt
SetBkMode
PatBlt
SetTextColor
RestoreDC
CreateCompatibleDC
CreateBitmap

opengl32

glColor4f
glFogfv
wglShareLists
glColor4i
glColor3ui
glColor4d
glTexCoord2dv
glStencilMask
glTexCoord2d
GlmfBeginGlsBlock

Exports

Exports

MbmUbbkdurQicmn
TfbufkePmbyvqk
ZwPszbjiePisetg

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da800435f81e3a2bb12cada4fcea73c1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.crt Size: 512B - Virtual size: 17B

.edata Size: 512B - Virtual size: 124B

.data Size: 55KB - Virtual size: 54KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 512B - Virtual size: 104B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.crt
Size: 512B - Virtual size: 17B

.edata
Size: 512B - Virtual size: 124B

.data
Size: 55KB - Virtual size: 54KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 512B - Virtual size: 104B