2b25eedd504d68d0dd5674fdc6f07de9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b25eedd504d68d0dd5674fdc6f07de9_JaffaCakes118
Size

123KB
MD5

2b25eedd504d68d0dd5674fdc6f07de9
SHA1

93525ed7a712aa36a9aedc9d296cfa3ad0d66932
SHA256

dfb12f62c74fafb42fb7601d0f1d577b5148aadad6398e3cb042079629889922
SHA512

a285481afd191dc23f4992044a2cdde87deb51b0c857109320e0d01dbaca537af8e7219bc196c5c935ccad3b9c028e59452062120abb1d2b7197c41445520379
SSDEEP

3072:TUB1dABAl0qep6GhWbTX5jFtnAb8ixy+aonV:TUBriq+jhObFnAbiHeV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b25eedd504d68d0dd5674fdc6f07de9_JaffaCakes118

Files

2b25eedd504d68d0dd5674fdc6f07de9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b02bd51bed9db3af26793f4b398fbfa3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteAtom
ClearCommBreak
LoadLibraryW
_lclose
ExitThread
GetWindowsDirectoryA
GetProcAddress
HeapAlloc
GetModuleHandleA
GetLastError
VirtualProtect
GetStringTypeW
FreeLibrary
FindFirstFileW
lstrlenA
CheckRemoteDebuggerPresent
VirtualAlloc
GetCurrentProcess
VirtualFree
WriteConsoleW

msvcrt

_wcmdln
_iob
strncpy
__initenv
__p__fmode
_controlfp
swscanf
__p__commode
_vsnprintf
__dllonexit
_cexit
islower
wcschr
wcscat
_wtol
_purecall
_except_handler3
_ftol
__winitenv
_c_exit
_snwprintf
wcslen
malloc
memcpy
wcscpy
swprintf
free
__CxxFrameHandler
_exit
_adjust_fdiv
wcscmp

user32

CheckDlgButton
GetProcessWindowStation
DispatchMessageW
MapWindowPoints
LoadCursorA
RegisterClassA
SetScrollPos
GetCursorPos
GetParent
ReleaseCapture
CopyRect
ScreenToClient
wsprintfW
UnregisterClassW
DialogBoxParamA
IsWindow
LoadCursorW
BeginPaint
ReleaseDC
LoadImageW
SetCapture
LoadMenuW
DestroyWindow
SendMessageA
SendMessageW
GetMenuItemCount
ClientToScreen

shell32

SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHGetFolderPathW

opengl32

GlmfBeginGlsBlock
glColor3ui
glTexCoord2dv
wglShareLists
glTexCoord2d
glStencilMask
glColor4i
glColor4d
glColor4f
glFogfv

Exports

Exports

KmmbTobyhhTytqsGf
BxsUoytkpPsl
TanudMqnek

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b02bd51bed9db3af26793f4b398fbfa3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

shell32

opengl32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 124B

.crt Size: 512B - Virtual size: 17B

.data Size: 70KB - Virtual size: 69KB

.rsrc Size: 32KB - Virtual size: 31KB

.reloc Size: 512B - Virtual size: 90B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 124B

.crt
Size: 512B - Virtual size: 17B

.data
Size: 70KB - Virtual size: 69KB

.rsrc
Size: 32KB - Virtual size: 31KB

.reloc
Size: 512B - Virtual size: 90B