39c7879e4a15d647bdd85583ed69b2dc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

39c7879e4a15d647bdd85583ed69b2dc_JaffaCakes118
Size

138KB
MD5

39c7879e4a15d647bdd85583ed69b2dc
SHA1

9ea4c07182c3c88f28af9165f04649a58a876bc8
SHA256

76c62b55ae0a072d919ad0b68fab8fe9b02705d1228e4c137a9c071290918eb4
SHA512

a354c1d5face399671c0874b3ec2aa9285c1c7aad7e655f24295a6b88b84e1577a797dadfba1db886b1a0f780d510f9cf1bdc3fe35c4778b6308bcc1ac5a716e
SSDEEP

3072:GI2wuK/LjpmBPCH8/n44Y78yH2Ou4t1e:GrwZ/XkBPCUnRYgZO57

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39c7879e4a15d647bdd85583ed69b2dc_JaffaCakes118

Files

39c7879e4a15d647bdd85583ed69b2dc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ed433c2b79c971691e7261f2497c702f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetNumberFormatW
RtlUnwind
lstrcmpW
OutputDebugStringA
CreateConsoleScreenBuffer
GetCurrentDirectoryA
CreateActCtxW
VirtualAlloc
GetLastError
ExitThread
SetErrorMode
GetACP
GetModuleHandleA
LoadLibraryW
CreateMutexA
GlobalFree
DeleteFileA
HeapFree
VirtualProtect
GetTimeFormatW
CreateProcessA
VirtualFree
FindNextFileW
DeleteVolumeMountPointA
GetProcAddress

msvcrt

wcstol
__CxxFrameHandler
towupper
wcsrchr
_XcptFilter
iswlower
memcpy
_wtoi
printf
_wcsicmp
_wcsnicmp
swscanf
strncpy
toupper
atoi
wcstok
wcscmp
wcsncpy
_wcmdln
__setusermatherr

user32

GetMenuItemCount
wsprintfW
MapWindowPoints
CheckDlgButton
ReleaseCapture
SetScrollPos
ReleaseDC
GetCursorPos
LoadCursorA
ScreenToClient
LoadMenuW
IsWindow
GetParent
RegisterClassA
UnregisterClassW
DestroyWindow
LoadCursorW
DialogBoxParamA
SetCapture
DispatchMessageW
GetProcessWindowStation
LoadImageW
SendMessageA
CopyRect
SendMessageW
BeginPaint
ClientToScreen

gdi32

PatBlt
RestoreDC
SetTextColor
CreateBitmap
TranslateCharsetInfo
CreateCompatibleDC
CreateFontIndirectW
Rectangle
SetBkMode
StretchBlt

opengl32

glTexCoord2d
glColor4i
glStencilMask
GlmfBeginGlsBlock
glFogfv
glColor3ui
wglShareLists
glColor4d
glTexCoord2dv
glColor4f

Exports

Exports

MbmUbbkdurQicmn
TfbufkePmbyvqk
ZwPszbjiePisetg

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 106B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed433c2b79c971691e7261f2497c702f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.crt Size: 512B - Virtual size: 17B

.edata Size: 512B - Virtual size: 124B

.data Size: 56KB - Virtual size: 55KB

.rsrc Size: 64KB - Virtual size: 64KB

.reloc Size: 512B - Virtual size: 106B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.crt
Size: 512B - Virtual size: 17B

.edata
Size: 512B - Virtual size: 124B

.data
Size: 56KB - Virtual size: 55KB

.rsrc
Size: 64KB - Virtual size: 64KB

.reloc
Size: 512B - Virtual size: 106B