14dd096cf09821c7c18c1f0d617344d9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14dd096cf09821c7c18c1f0d617344d9_JaffaCakes118
Size

136KB
MD5

14dd096cf09821c7c18c1f0d617344d9
SHA1

258a8ca208c94dac0cf1a4b1c1aa904aa0a219fc
SHA256

7d4bc395735a160f453029ad0d1738c128f25ba7734b27d3011afed25992b846
SHA512

b7518ff9b9fba1b9dd8f887eadc5f94acd7e2b6f317c4464333b051872da939c0b43e023455ada8bf2c49187c3d6a602b5b7e0d2ccdbd07f426b3a0d7d01565c
SSDEEP

3072:b8Ig6SxDtrli54pT7tOigr30zNYisR/AAdD+Hzme:b8wQDthi54NtXVadAAizm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14dd096cf09821c7c18c1f0d617344d9_JaffaCakes118

Files

14dd096cf09821c7c18c1f0d617344d9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

da800435f81e3a2bb12cada4fcea73c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteTimerQueue
VirtualAlloc
ConvertDefaultLocale
VirtualFree
_lclose
GetStringTypeW
FreeLibrary
HeapAlloc
lstrlenA
ExitThread
ConvertFiberToThread
FindFirstFileW
VirtualProtect
LoadLibraryW
WriteConsoleW
GetWindowsDirectoryA
GetCurrentProcess
GetModuleHandleA
OutputDebugStringA
GetLastError
GetProcAddress

msvcrt

__p__fmode
__p__commode
__initenv
_c_exit
_exit
_purecall
isprint
wcslen
_controlfp
swprintf
_wtol
_wcmdln
_cexit
wcscat
wcscmp
__winitenv
_iob
_vsnprintf
swscanf
free
__CxxFrameHandler
_ftol
iswcntrl
strncpy
wcschr
_except_handler3
memcpy
malloc
_adjust_fdiv
wcscpy
__dllonexit
_snwprintf

user32

GetProcessWindowStation
ClientToScreen
CopyRect
DialogBoxParamA
ReleaseCapture
LoadImageW
GetCursorPos
LoadCursorW
UnregisterClassW
CheckDlgButton
GetParent
ScreenToClient
SetCapture
BeginPaint
RegisterClassA
ReleaseDC
IsWindow
DispatchMessageW
DestroyWindow
wsprintfW
GetMenuItemCount
LoadMenuW
SendMessageW
SendMessageA
MapWindowPoints
LoadCursorA
SetScrollPos

gdi32

Rectangle
CreateFontIndirectW
TranslateCharsetInfo
StretchBlt
SetBkMode
PatBlt
SetTextColor
RestoreDC
CreateCompatibleDC
CreateBitmap

opengl32

glColor4f
glFogfv
wglShareLists
glColor4i
glColor3ui
glColor4d
glTexCoord2dv
glStencilMask
glTexCoord2d
GlmfBeginGlsBlock

Exports

Exports

MbmUbbkdurQicmn
TfbufkePmbyvqk
ZwPszbjiePisetg

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da800435f81e3a2bb12cada4fcea73c1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.crt Size: 512B - Virtual size: 17B

.edata Size: 512B - Virtual size: 124B

.data Size: 55KB - Virtual size: 54KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 512B - Virtual size: 88B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.crt
Size: 512B - Virtual size: 17B

.edata
Size: 512B - Virtual size: 124B

.data
Size: 55KB - Virtual size: 54KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 512B - Virtual size: 88B