1034c50868e9e1edb5f9b0fabdd20250_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1034c50868e9e1edb5f9b0fabdd20250_JaffaCakes118
Size

864KB
MD5

1034c50868e9e1edb5f9b0fabdd20250
SHA1

71218cf811eeb8c6d9c5e53f462747177e8a285f
SHA256

05b4fc4848847156adb48a2fe809df8ebaf160dfc638670ffdb414c4c45f5f55
SHA512

7eb8468abe9dd224c17d2c3935a8a4a1b7aa179e11ca238f1287f8afcc8188c1f15dbf65b2dd94cf869165d614733e844a6999f8a999f97144c70e4195be1ef4
SSDEEP

24576:lrNhEXSymdiCkEWMqh8WG+EGx4PdEky1:lZhEAdbkEWhHG+F1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1034c50868e9e1edb5f9b0fabdd20250_JaffaCakes118

Files

1034c50868e9e1edb5f9b0fabdd20250_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6cefe0432d6cf38ea0a2d08a8c2dc348

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt40

?sh_read@filebuf@@2HB
_tzname
?flush@ostream@@QAEAAV1@XZ
__dllonexit
_findnexti64
??6ostream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
_creat
??6ostream@@QAEAAV0@I@Z
_ismbcl1
_mbctoupper
_wgetdcwd
remove
__p__fmode
__p__osver
_mbsnicmp
_execlp
difftime
_lrotr
_wcsicmp
?fill@ios@@QBEDXZ
_exit
_jn
_ismbblead
??7ios@@QBEHXZ
_msize
?read@istream@@QAEAAV1@PADH@Z
_filelength
??1strstreambuf@@UAE@XZ
?ebuf@streambuf@@IBEPADXZ
_mbsnbicmp
?close@ofstream@@QAEXXZ
?is_open@fstream@@QBEHXZ
_makepath
_memccpy
abs
_ismbbkpunct
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
__unDName
__mb_cur_max
_heapwalk
__p__winver
?setbuf@strstreambuf@@UAEPAVstreambuf@@PADH@Z
?rdbuf@ostrstream@@QBEPAVstrstreambuf@@XZ
?init@ios@@IAEXPAVstreambuf@@@Z
_filbuf
??0istream_withassign@@QAE@XZ
?eof@ios@@QBEHXZ
_controlfp
_hypot
iswascii
_osver
?isfx@istream@@QAEXXZ
?oct@@YAAAVios@@AAV1@@Z
??5istream@@QAEAAV0@P6AAAVios@@AAV1@@Z@Z
??6ostream@@QAEAAV0@K@Z
mbstowcs
??6ostream@@QAEAAV0@F@Z
strftime
wctomb
__p__acmdln
wcscoll
_timezone
??_8ifstream@@7B@
_spawnlpe
_strdup
??_7ofstream@@6B@
_ismbcl0
_yn
?fail@ios@@QBEHXZ
?hex@@YAAAVios@@AAV1@@Z
??6ostream@@QAEAAV0@M@Z
__p___argv

kernel32

TryEnterCriticalSection
FindResourceExW
SetMessageWaitingIndicator
LZOpenFileA
SetUnhandledExceptionFilter
LocalReAlloc
WaitNamedPipeW
LockFileEx
UnlockFile
CommConfigDialogW
ReleaseMutex
BaseCleanupAppcompatCacheSupport
GetNextVDMCommand
GetCommandLineW
WaitForDebugEvent
GetProcessTimes
GetLocaleInfoW
GetPriorityClass
LocalFlags
VirtualAlloc
InterlockedExchangeAdd
PeekConsoleInputA
GetFullPathNameA
GlobalFindAtomW
GetConsoleAliasW
GetFileType
PostQueuedCompletionStatus
GetCommMask
SearchPathW
OpenEventW
LoadLibraryA
WriteConsoleInputVDMA
SetConsoleScreenBufferSize
SetFirmwareEnvironmentVariableW
GetCalendarInfoA
lstrcmpiW
GetProfileSectionW
CreateProcessInternalA
GetSystemWow64DirectoryA

crtdll

_mbbtype
_fullpath
_chgsign
_mbsspn
rand
_ismbbkalnum
isalnum
_putch
tmpfile
_rotl
strftime
_sys_errlist
_CIatan
_stat
_CIsinh
_fcloseall
fmod
_CIasin
memset
abort
iswprint
_CIpow
__GetMainArgs
wcsxfrm
_fileno
_fputchar
_itow
_putw
_cpumode_dll
sprintf
_sleep
wcschr

opengl32

glLineWidth
glTexCoord3i
glVertex3d
glNormal3bv
glTexCoord2fv
glTexParameteriv
glColor4us
glTexParameterfv
glInterleavedArrays
glEvalCoord1d
glListBase
glMapGrid2f
glStencilOp
glColor3ubv
glCallList
glAccum
glTexCoord3dv
glColor4bv
wglGetLayerPaletteEntries
glDrawElements
wglDescribeLayerPlane
wglUseFontOutlinesA
glColor3fv
glCopyTexSubImage2D
glEnableClientState
glTexCoord2dv
glColor4fv
glVertex2d
glClearIndex
wglRealizeLayerPalette
glFrustum
glDrawBuffer
glClearColor
glTexCoord3sv

certcli

CACloseCertType
CAFindCertTypeByName
CASetCertTypePropertyEx
CAGetCASecurity
CAGetCertTypeProperty
CAOIDFreeLdapURL
CAFindByIssuerDN
CAGetCAProperty
CACloneCertType
CACertTypeAccessCheckEx
CAGetCertTypeFlags
CAInstallDefaultCertType
DllInstall
CASetCAExpiration
DllGetClassObject
CACreateNewCA
CASetCASecurity
CAGetCertTypeExpiration
CAEnumNextCA
CAOIDDelete
CACertTypeGetSecurity
CASetCACertificate
CADeleteCertType
CAFindByCertType
CASetCertTypeFlagsEx
CAFindByName
CAGetCertTypeKeySpec
CADeleteCA
CACreateCertType
CAEnumCertTypes
CACreateLocalAutoEnrollmentObject
CACountCertTypes
CACloseCA
CAEnumNextCertType
CAEnumFirstCA
CASetCAFlags
CASetCAProperty
CAGetCertTypeExtensions

msasn1

ASN1BERDecChar32String
ASN1BERDotVal2Eoid
ASN1_CloseModule
ASN1BERDecZeroMultibyteString
ASN1CEREncChar16String
ASN1uint32_uoctets
ASN1CEREncFlushBlkElement
ASN1CEREncMultibyteString
ASN1_GetDecoderOption
ASN1intx2uint32
ASN1_CreateDecoder
ASN1BERDecUTF8String
ASN1intx_sub
ASN1BEREncLength
ASN1BEREncBool
ASN1ztchar16string_free
ASN1open_cmp
ASN1charstring_free
ASN1CEREncNewBlkElement
ASN1BERDecSXVal
ASN1CEREncBeginBlk
ASN1BERDecDouble
ASN1BERDecExplicitTag
ASN1_SetEncoderOption
ASN1BERDecLength
ASN1BEREncExplicitTag
ASN1BERDecMultibyteString
ASN1BERDecOpenType
ASN1BEREncU32
ASN1BEREncTag
ASN1BERDecNull
ASN1_CloseEncoder
ASN1BEREncCheck
ASN1BEREncS32
ASN1BEREncObjectIdentifier
ASN1_Encode

Sections

.text
Size: 351KB - Virtual size: 351KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 305KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cefe0432d6cf38ea0a2d08a8c2dc348

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt40

kernel32

crtdll

opengl32

certcli

msasn1

Sections

.text Size: 351KB - Virtual size: 351KB

.rdata Size: 204KB - Virtual size: 204KB

.data Size: 305KB - Virtual size: 1.7MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 351KB - Virtual size: 351KB

.rdata
Size: 204KB - Virtual size: 204KB

.data
Size: 305KB - Virtual size: 1.7MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B