551bb905f90ebd798a5090a54e7aa2df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

551bb905f90ebd798a5090a54e7aa2df_JaffaCakes118
Size

642KB
MD5

551bb905f90ebd798a5090a54e7aa2df
SHA1

4daeca5a1deb912fb071b295ce2728b1419e087f
SHA256

d9d491ed889ea7cf4604d967220223fb43c6eab807657f340a8848333dfe6c57
SHA512

ca10d8ea492d6ca043f7ad589d41c84f0f75d54df66c2335a578d973f12d4d5824ed538c67c625f485e398ab6cf741217ca4e39b476049e3c1aee45f79618464
SSDEEP

12288:RkdFBqn+kHak7xIpfQ4EOiiwc2hd07GVS/BvH0o80LPKV4N:RptHakipfQWiiwUvUo8+Cy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
551bb905f90ebd798a5090a54e7aa2df_JaffaCakes118

Files

551bb905f90ebd798a5090a54e7aa2df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa181cc90ba71756d81be499c1967629

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
VirtualAlloc
WriteConsoleOutputW
LoadLibraryA
CreateWaitableTimerA
GetProcAddress
GetTapeParameters
GetCommConfig
GetFileType
Sleep
GetVersion
GetSystemTimeAsFileTime
GlobalUnlock
GetLocalTime
GetModuleFileNameA
CreateEventA
_lwrite
IsDBCSLeadByteEx
FreeLibrary
ReadFileEx
ReadConsoleOutputAttribute
WriteConsoleOutputAttribute
DeleteAtom
IsValidLocale
GetHandleInformation
ExpungeConsoleCommandHistoryA
AddAtomA
QueryPerformanceCounter
LoadLibraryW
DuplicateConsoleHandle
GetSystemTime

opengl32

glReadBuffer
glOrtho
glIsList
glGetPolygonStipple
glEvalCoord2fv
glNormal3fv
glVertex4iv
glNormal3sv
glPixelMapusv
wglCreateContext
glColor3bv
glMatrixMode
glEdgeFlag
glPolygonOffset
wglMakeCurrent
glColor4dv
wglDeleteContext
glPushAttrib
glMultMatrixf
GlmfInitPlayback
glVertex4i
glColor3fv
glEnableClientState
glVertex3sv
glReadPixels
glVertex2i
glTexSubImage2D
glIsTexture
glGetLightfv
glIndexs
glRasterPos3fv
glRasterPos3s
glLightf
glTexCoord4fv
glDrawPixels

winmm

timeGetTime
mmTaskYield
PlaySoundW
mci32Message
mid32Message
mciDriverYield
midiOutGetDevCapsA
mciGetDriverData
auxGetDevCapsA
waveOutGetNumDevs
sndPlaySoundW
auxGetNumDevs
PlaySoundA
mciSetYieldProc

msvcrt

_mbslen
_mbsstr
_mbsnextc
_statusfp
_beginthread
_fstati64
_mbschr
fread
_abnormal_termination
__lconv_init
isxdigit
div
_acmdln
_cprintf
fseek
fgetpos
fputc
puts
system
feof
fputs
fwrite
_wtempnam
_cabs
_mbsncpy
ldexp
fopen
_spawnvp
__RTCastToVoid
_unlink
iswgraph
fsetpos
__p__iob
_ismbclower
ftell
__p__winmajor
ferror
_itow
_putw
_getch
_endthreadex
strftime
_kbhit
__lc_codepage
fwprintf
printf
sprintf
_CxxThrowException
_pwctype
fclose
_mbcjmstojis
floor
memcpy
fprintf
tolower
_wspawnvp
isalnum
_mbscspn
memset

Sections

.text
Size: 620KB - Virtual size: 617KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aa181cc90ba71756d81be499c1967629

Headers

File Characteristics

Imports

kernel32

opengl32

winmm

msvcrt

Sections

.text Size: 620KB - Virtual size: 617KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 9KB

.text
Size: 620KB - Virtual size: 617KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 9KB