45295606b860607f2bdb11081257a481_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45295606b860607f2bdb11081257a481_JaffaCakes118
Size

138KB
MD5

45295606b860607f2bdb11081257a481
SHA1

01215eede96de3f2743b01615dddc3275836f7db
SHA256

7741fc0d35136dd3dffbdaf6a5d850f1ccd9f0c0f3179fb43ff0e4e7fec66697
SHA512

da1edddfd7e9de1e561693e78791b953826b4d0ec2acd1045a31640a161778092e86c2539d917f0aeff85e1e9f30e246cedf31eb8bb05209385e08e9b150242b
SSDEEP

3072:Uv7sgjRFdndqBY1kN4XMOLiz5tQrunTWeFGEj:UTsczHziN4tL2yCnaeFl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45295606b860607f2bdb11081257a481_JaffaCakes118

Files

45295606b860607f2bdb11081257a481_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ed433c2b79c971691e7261f2497c702f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetNumberFormatW
RtlUnwind
lstrcmpW
OutputDebugStringA
CreateConsoleScreenBuffer
GetCurrentDirectoryA
CreateActCtxW
VirtualAlloc
GetLastError
ExitThread
SetErrorMode
GetACP
GetModuleHandleA
LoadLibraryW
CreateMutexA
GlobalFree
DeleteFileA
HeapFree
VirtualProtect
GetTimeFormatW
CreateProcessA
VirtualFree
FindNextFileW
DeleteVolumeMountPointA
GetProcAddress

msvcrt

wcstol
__CxxFrameHandler
towupper
wcsrchr
_XcptFilter
iswlower
memcpy
_wtoi
printf
_wcsicmp
_wcsnicmp
swscanf
strncpy
toupper
atoi
wcstok
wcscmp
wcsncpy
_wcmdln
__setusermatherr

user32

GetMenuItemCount
wsprintfW
MapWindowPoints
CheckDlgButton
ReleaseCapture
SetScrollPos
ReleaseDC
GetCursorPos
LoadCursorA
ScreenToClient
LoadMenuW
IsWindow
GetParent
RegisterClassA
UnregisterClassW
DestroyWindow
LoadCursorW
DialogBoxParamA
SetCapture
DispatchMessageW
GetProcessWindowStation
LoadImageW
SendMessageA
CopyRect
SendMessageW
BeginPaint
ClientToScreen

gdi32

PatBlt
RestoreDC
SetTextColor
CreateBitmap
TranslateCharsetInfo
CreateCompatibleDC
CreateFontIndirectW
Rectangle
SetBkMode
StretchBlt

opengl32

glTexCoord2d
glColor4i
glStencilMask
GlmfBeginGlsBlock
glFogfv
glColor3ui
wglShareLists
glColor4d
glTexCoord2dv
glColor4f

Exports

Exports

MbmUbbkdurQicmn
TfbufkePmbyvqk
ZwPszbjiePisetg

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 106B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed433c2b79c971691e7261f2497c702f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.crt Size: 512B - Virtual size: 17B

.edata Size: 512B - Virtual size: 124B

.data Size: 56KB - Virtual size: 55KB

.rsrc Size: 64KB - Virtual size: 64KB

.reloc Size: 512B - Virtual size: 106B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.crt
Size: 512B - Virtual size: 17B

.edata
Size: 512B - Virtual size: 124B

.data
Size: 56KB - Virtual size: 55KB

.rsrc
Size: 64KB - Virtual size: 64KB

.reloc
Size: 512B - Virtual size: 106B