168e0442f134bf960813b8d2474dd00c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

168e0442f134bf960813b8d2474dd00c_JaffaCakes118
Size

141KB
MD5

168e0442f134bf960813b8d2474dd00c
SHA1

56150b88f215f24f1b3790ce7d4eb90613f98794
SHA256

338277b7cb5d3295b2ac6eb5acb75da5a6c7e580d58c7e731618f7bf9b03154c
SHA512

586b230cfb388e0db46762a6875948a13a887d6fd218fec1c318adf5f5c7dd72f73e4b27af9c7a83186cb2bc0ab3ee5df8c39acd06471223eb5543ae3a26ba0d
SSDEEP

3072:GfTeAogXSeg7MmRUVkgqCA+r4jDeao8q0YUBb:YansnIUVk7U4jiaVqbUB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
168e0442f134bf960813b8d2474dd00c_JaffaCakes118

Files

168e0442f134bf960813b8d2474dd00c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f37afa9c57d19b34269471c570503dd7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
GetCurrentDirectoryA
CreateEventW
VirtualAlloc
GetModuleFileNameW
VirtualFree
lstrcpyW
CreateEventA
GetModuleHandleA
GetThreadLocale
FileTimeToSystemTime
SetEvent
GetStartupInfoW
OutputDebugStringA
FreeEnvironmentStringsA
GetCurrentProcess
DosDateTimeToFileTime
TerminateThread
GetProcAddress
SetHandleCount
GetACP
GetTimeFormatW
DuplicateHandle
CloseHandle
lstrcpynA
GetStdHandle
LoadLibraryW
GetEnvironmentStringsW
ExitThread
GetConsoleMode
GetLastError
VirtualProtect
GlobalAlloc
GetFileAttributesA

msvcrt

__CxxFrameHandler
printf
_XcptFilter
wcsncpy
swscanf
memcpy
labs
strncpy
towupper
wcstol
_wcsnicmp
wcsrchr
__setusermatherr
_wcsicmp
toupper
_wtoi
wcstok
atoi
wcscmp
_wcmdln

user32

LoadImageW
CopyRect
RegisterClassA
CheckDlgButton
SendMessageW
SetScrollPos
LoadCursorW
ReleaseDC
IsWindow
LoadCursorA
DialogBoxParamA
MapWindowPoints
LoadMenuW
DestroyWindow
GetParent
SetCapture
GetCursorPos
GetMenuItemCount
GetProcessWindowStation
DispatchMessageW
UnregisterClassW
ReleaseCapture
ScreenToClient
wsprintfW
BeginPaint
SendMessageA
ClientToScreen

gdi32

RestoreDC
Rectangle
StretchBlt
SetTextColor
TranslateCharsetInfo
CreateBitmap
CreateFontIndirectW
CreateCompatibleDC
PatBlt
SetBkMode

opengl32

glTexCoord2dv
glFogfv
glStencilMask
glColor4i
glColor4f
glColor3ui
GlmfBeginGlsBlock
wglShareLists
glTexCoord2d
glColor4d

Exports

Exports

VilJlhuQpanqTzh
YaNgetjMbklbzIawgzWns
AeKzzenVyzzq

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 262B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f37afa9c57d19b34269471c570503dd7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.crt Size: 512B - Virtual size: 72B

.rdata Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 115B

.data Size: 57KB - Virtual size: 57KB

.rsrc Size: 65KB - Virtual size: 64KB

.reloc Size: 512B - Virtual size: 262B

.text
Size: 13KB - Virtual size: 13KB

.crt
Size: 512B - Virtual size: 72B

.rdata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 115B

.data
Size: 57KB - Virtual size: 57KB

.rsrc
Size: 65KB - Virtual size: 64KB

.reloc
Size: 512B - Virtual size: 262B