02837c1efbae50de6606bdb12842839d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

02837c1efbae50de6606bdb12842839d_JaffaCakes118
Size

82KB
MD5

02837c1efbae50de6606bdb12842839d
SHA1

ea9dd8d942b921225341191792e50853527060e3
SHA256

a7d48963235746e35573b3c7eda259907e5861ed1bf08c387aa63e52ea36618c
SHA512

99c73b684a3b6d610312e8d2c4640ed83a0dd976e496b30f2335c03ad1bcc5e760a2a7bbc126f9b5a8942440d108a3572452f504ffd00538d4dc6c22c51a8d8c
SSDEEP

1536:RxBqJVw6hR3DS2lWt391cElBPk1jP6WocSdNnnH:Rqo6hdDSWmvlSjP6WocSvn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02837c1efbae50de6606bdb12842839d_JaffaCakes118

Files

02837c1efbae50de6606bdb12842839d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd4014bbd2c460069308039b1e5ab9b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glReadBuffer
glGetBooleanv
glPixelTransferi
glGetTexEnvfv
glRasterPos3i
glRasterPos3fv
glTexParameteri
glVertex2iv
glScalef
glArrayElement
glEnableClientState
glRectiv
glLightiv

ole32

CoUnmarshalInterface
GetRunningObjectTable
CreateAntiMoniker
WriteFmtUserTypeStg
CoCreateInstance
DoDragDrop
OleCreateFromDataEx
StgCreateDocfile
OleNoteObjectVisible
OleRun
CoLockObjectExternal
OleQueryCreateFromData
MkParseDisplayName

gdi32

CreateDCW
ChoosePixelFormat
ExtFloodFill
CreateDiscardableBitmap
CreateFontW
EqualRgn
GetBkColor
GetAspectRatioFilterEx
CombineTransform
Escape
DescribePixelFormat
DrawEscape
BitBlt

advapi32

RegOpenKeyExA
RegLoadKeyA
ReportEventA
CloseEventLog
NotifyChangeEventLog
GetTokenInformation
OpenEventLogA
RegQueryValueExA
RegSetValueA

kernel32

GetPrivateProfileSectionA
GetModuleHandleA
GetProcAddress
SuspendThread
GetModuleFileNameA
GetCommandLineA
GetEnvironmentStrings
SetHandleInformation
GetVersion
SetEvent
GetCurrentProcess
ReleaseMutex
TlsSetValue
VirtualAllocEx
GetCurrentProcessId
CloseHandle
GetProcessHeap
GetStdHandle
GetStartupInfoA

secur32

AcceptSecurityContext
MakeSignature
CompleteAuthToken

avifil32

AVIBuildFilterW
AVIStreamFindSample
AVISaveVW
EditStreamSetInfoW
AVIMakeCompressedStream
AVIStreamOpenFromFileA
AVIFileInfoA
AVIClearClipboard
AVIStreamReadData

msvfw32

ICGetInfo
ICInfo
GetOpenFileNamePreviewA

uxtheme

GetThemeIntList
DrawThemeEdge
SetWindowTheme
DrawThemeText
GetThemePosition
OpenThemeData
GetThemeSysBool
IsThemeActive
EnableTheming

ws2_32

gethostbyname
recv
getsockopt
accept
getservbyname
socket
recvfrom
send
gethostbyaddr
getpeername
getservbyport
sendto

wsnmp32

ord200

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd4014bbd2c460069308039b1e5ab9b2

Headers

File Characteristics

Imports

opengl32

ole32

gdi32

advapi32

kernel32

secur32

avifil32

msvfw32

uxtheme

ws2_32

wsnmp32

msvcrt

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 13KB - Virtual size: 17KB

.rsrc Size: 43KB - Virtual size: 42KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 13KB - Virtual size: 17KB

.rsrc
Size: 43KB - Virtual size: 42KB

.reloc
Size: 1KB - Virtual size: 1KB