309951fbbe6aabc6c5eef68c813208a8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

309951fbbe6aabc6c5eef68c813208a8_JaffaCakes118
Size

139KB
MD5

309951fbbe6aabc6c5eef68c813208a8
SHA1

4a0e97f4536ad37f1ecc8607dd97e20f131ee84c
SHA256

6bf50c89c0184b8148e4a3fdb684d050345d782edc83ed64ca8f0d35e5a73b36
SHA512

ee7cd112b83314ac9a5cc36fe86f7bf27c70f5bc39852032b3e133642d2629032e7d4371fb3d160f5bcb396c643af16fc06ac2d6aae11cbf5812faa0334c9b9e
SSDEEP

3072:Iqzdr6z6nO+LtZq20qmn88XVHN4tSlbfEG+:IIr6z69F0qUTHHl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
309951fbbe6aabc6c5eef68c813208a8_JaffaCakes118

Files

309951fbbe6aabc6c5eef68c813208a8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

405b46a7ab68fde98c5930bf76f72b67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
RtlUnwind
FindNextFileW
GetACP
DosPathToSessionPathA
SetErrorMode
GetModuleHandleA
VirtualProtect
GetLastError
GetProcAddress
lstrcmpW
OutputDebugStringA
CreateDirectoryW
HeapFree
GlobalFree
VirtualFree
CreateDirectoryExW
CreateProcessA
VirtualAlloc
DeleteFileA
LoadLibraryW
GetTimeFormatW
ExitThread
TlsGetValue
GetNumberFormatW

msvcrt

__setusermatherr
wcscmp
towupper
printf
memcpy
swscanf
_XcptFilter
_wcsicmp
wcstol
wcsrchr
__CxxFrameHandler
wcsncpy
_wtoi
iswlower
wcstok
toupper
strncpy
atoi
_wcmdln
_wcsnicmp

user32

LoadMenuW
ReleaseDC
RegisterClassA
SendMessageW
MapWindowPoints
CopyRect
DestroyWindow
LoadCursorW
GetProcessWindowStation
DispatchMessageW
GetMenuItemCount
ClientToScreen
SetCapture
BeginPaint
DialogBoxParamA
wsprintfW
GetCursorPos
CheckDlgButton
IsWindow
ScreenToClient
GetParent
LoadImageW
SetScrollPos
ReleaseCapture
LoadCursorA
SendMessageA
UnregisterClassW

gdi32

SetTextColor
StretchBlt
RestoreDC
TranslateCharsetInfo
PatBlt
SetBkMode
Rectangle
CreateFontIndirectW
CreateCompatibleDC
CreateBitmap

opengl32

glFogfv
glColor4i
wglShareLists
glColor4f
glStencilMask
glColor4d
glColor3ui
GlmfBeginGlsBlock
glTexCoord2dv
glTexCoord2d

Exports

Exports

UgdVvswclaCatiKxyorUsv
CuqEclfZhqnbUtmmnrEff
LplUfxseTdkawlKcjk
Gdtxmy

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

405b46a7ab68fde98c5930bf76f72b67

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.crt Size: 512B - Virtual size: 72B

.rdata Size: 2KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 115B

.data Size: 57KB - Virtual size: 56KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 512B - Virtual size: 256B

.text
Size: 13KB - Virtual size: 13KB

.crt
Size: 512B - Virtual size: 72B

.rdata
Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 115B

.data
Size: 57KB - Virtual size: 56KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 512B - Virtual size: 256B