2e5b59c480bb37ebce3696fc8650caab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e5b59c480bb37ebce3696fc8650caab_JaffaCakes118
Size

156KB
MD5

2e5b59c480bb37ebce3696fc8650caab
SHA1

e13101be500750c2ba58eb2c78510f686db4aa30
SHA256

af69da99afb7551ecd2c261d099394c84042c318d79657ab846f8f9c261f1fdc
SHA512

91c7014bf54d6368b53bb230a9af8c67f93729680f27b5f12ee6a9bb4dfdafa5ba9f2c95723579212ea5a5cc287cd46b8f4600f1f89080a7593c726cb8ab8f90
SSDEEP

3072:wVzhCsfH+rrt/Y86KDNkoLUaxkZE0eY6FGCDxMmktmUyfUWKZVdnWDRX:GHMw86K/WADZXUyfU9ZVdWVX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e5b59c480bb37ebce3696fc8650caab_JaffaCakes118

Files

2e5b59c480bb37ebce3696fc8650caab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a84b68e2b0c824fa5eed5f31050956e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glTranslatef
glTexImage2D
glTexParameteri
glDrawBuffer
wglGetProcAddress
glGenTextures
wglCreateContext
glEnableClientState
glClear
glClearColor
glTexParameterf
glScaled
glVertex3i
glTexCoord2f
glEnd
glPopAttrib
glDisable
glBegin
glShadeModel
glTranslated
glMultMatrixd
glDrawElements
glLoadIdentity
wglDeleteContext
glHint
glEnable
glLightfv
glTexCoordPointer
glBindTexture
glVertexPointer
glViewport
glMatrixMode
glVertex3f
glPushAttrib
glBlendFunc
glPushMatrix
glReadBuffer
glReadPixels
glPopMatrix
wglMakeCurrent
glColorPointer

kernel32

GetCurrentProcess
TerminateProcess
LCMapStringW
LCMapStringA
GetSystemInfo
GetOEMCP
GetACP
GetLocaleInfoA
GetCPInfo
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
SetStdHandle
FlushFileBuffers
VirtualQuery
InterlockedExchange
RtlUnwind
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetModuleHandleA
QueryPerformanceCounter
QueryPerformanceFrequency
MapViewOfFile
UnmapViewOfFile
FreeLibrary
Sleep
CreateFileMappingA
SetConsoleCtrlHandler
CloseHandle
TlsSetValue
SetLastError
TlsAlloc
SetFilePointer
GetLastError
IsBadWritePtr
HeapReAlloc
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
GetCurrentProcessId
RaiseException
IsBadCodePtr
IsBadReadPtr
FreeEnvironmentStringsA
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
ExitProcess
GetCommandLineA
GetVersionExA
GetProcessHeap
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
VirtualAllocEx

user32

RegisterClassA
ChangeDisplaySettingsA
EnumDisplayDevicesA
LoadCursorA
SetWindowTextA
ShowWindow
DefWindowProcA
CreateWindowExA
ShowCursor
GetDC
GetMonitorInfoA
LoadIconA
PostQuitMessage
EnumDisplayMonitors
DestroyWindow
DispatchMessageA
TranslateMessage

gdi32

SetPixelFormat
ChoosePixelFormat
GetStockObject
SwapBuffers

advapi32

RegOpenKeyA
OpenEventLogW

msls31

LsQueryCpPpointSubline
LsdnFinishRegular
LsCreateSubline
LsdnFinishByPen
LsQueryPointPcpSubline
LsQueryLinePointPcp
LsResetRMInCurrentSubline

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pCwls
Size: 3KB - Virtual size: 45KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qLFGW
Size: 3KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nli
Size: 2KB - Virtual size: 45KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a84b68e2b0c824fa5eed5f31050956e7

Headers

File Characteristics

Imports

opengl32

kernel32

user32

gdi32

advapi32

msls31

Sections

.text Size: 13KB - Virtual size: 13KB

.pCwls Size: 3KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 3KB

.qLFGW Size: 3KB - Virtual size: 46KB

.data Size: 9KB - Virtual size: 111KB

.nli Size: 2KB - Virtual size: 45KB

.rsrc Size: 117KB - Virtual size: 116KB

.text
Size: 13KB - Virtual size: 13KB

.pCwls
Size: 3KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 3KB

.qLFGW
Size: 3KB - Virtual size: 46KB

.data
Size: 9KB - Virtual size: 111KB

.nli
Size: 2KB - Virtual size: 45KB

.rsrc
Size: 117KB - Virtual size: 116KB