073fd442bedb5f638586048a9206596b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

073fd442bedb5f638586048a9206596b_JaffaCakes118
Size

25KB
MD5

073fd442bedb5f638586048a9206596b
SHA1

9f7828e3b6c7288d02c8b39e70de82378c0b4801
SHA256

a1ff3590010af6b00f91b7b04fa51804887d761cf10eb331bae9a153a2b01f12
SHA512

a2dd2e29f378244fae4fff423b49aa011842a33bd61f07e32a9a34e2f19f12996ae445031000c942242acc7dc1ea2bceda85a7a8ebca235a94150ae4d0ec3aad
SSDEEP

384:EHlfV6dOAqqkrnXQQoZJFgX/aK5xt9ZumiGz2PoZ2rrHqG8QVdpS8kPkzejJxfLG:2o8AqqkxzDt98Mz2PbrDqGHckzejJQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
073fd442bedb5f638586048a9206596b_JaffaCakes118

Files

073fd442bedb5f638586048a9206596b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

529c4f52fcf27f06f1bf13201c584141

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapUserPhysicalPagesScatter
TransmitCommChar
MoveFileA
SetDefaultCommConfigA
CopyFileExA
QueryPerformanceCounter
VirtualAlloc
GetCommMask
GetLastError
GetExpandedNameW
OpenFileMappingW
SetComputerNameExA
VirtualQuery
GetCurrentProcessId
FindFirstChangeNotificationA
ExpandEnvironmentStringsW
DisconnectNamedPipe
GetTickCount
ExitProcess
BaseUpdateAppcompatCache
GetCurrentThreadId

w32topl

ToplGraphDestroy
ToplGetSpanningTreeEdgesForVtx
ToplScheduleImport
ToplHeapDestroy
ToplVertexGetOutEdge
ToplGraphNumberOfVertices
ToplGraphInit
ToplEdgeSetVtx
ToplSTHeapExtractMin
ToplVertexInit
ToplScheduleValid
ToplListNumberOfElements
ToplVertexCreate
ToplHeapInsert
ToplHeapExtractMin

opengl32

glColor3fv
wglDescribeLayerPlane
glTexCoord2dv
glTexCoord1f
glBindTexture
glColor4bv
glClearAccum
glClipPlane
glGetLightfv
glRectf
glNormalPointer
glRasterPos2fv
glPopClientAttrib
glEnd

msvcrt20

_mbsspn
_getcwd
asctime
_mbsnccnt
?x_lockc@ios@@0U_RTL_CRITICAL_SECTION@@A
?lock@streambuf@@QAEXXZ
__p__wcmdln
?lockptr@ios@@IAEPAU_RTL_CRITICAL_SECTION@@XZ
??0strstream@@QAE@PADHH@Z
_memicmp
_mbsnicoll
?overflow@stdiobuf@@UAEHH@Z

msvcp60

?to_char_type@?$char_traits@D@std@@SADABH@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?abs@std@@YAOABV?$complex@O@1@@Z
??1?$basic_ifstream@GU?$char_traits@G@std@@@std@@UAE@XZ
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAC@Z
?_Init@?$basic_filebuf@GU?$char_traits@G@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@12@@Z
?copy@?$char_traits@G@std@@SAPAGPAGPBGI@Z
?exp@?$_Ctr@O@std@@SAOO@Z
?atan2@?$_Ctr@O@std@@SAOOO@Z
?replace@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IIPBGI@Z
??_7domain_error@std@@6B@
?open@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXPBDH@Z
?ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Init@ios_base@std@@IAEXXZ
?setstate@ios_base@std@@QAEXF@Z

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 621B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 889B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

529c4f52fcf27f06f1bf13201c584141

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

w32topl

opengl32

msvcrt20

msvcp60

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 1024B - Virtual size: 621B

.data Size: 512B - Virtual size: 889B

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 1024B - Virtual size: 621B

.data
Size: 512B - Virtual size: 889B

.rsrc
Size: 4KB - Virtual size: 4KB