d9fc3b845454f7588b0f48b017fb9a50_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d9fc3b845454f7588b0f48b017fb9a50_JaffaCakes118
Size

1.0MB
MD5

d9fc3b845454f7588b0f48b017fb9a50
SHA1

17de143a193969b85902fa54c1554410dcf72b06
SHA256

1fe2341438aea4b0427f3f2808918b6ef00bf742bc903e94022c7f73df914ed4
SHA512

bb11d7ad5d6f426b23c459d130c8962c66a70fa5d6df35ffbf2bc51ae619dc94bb9bccd990d0856a6a5ca40f0a3d5519b7f0dd075fc9e1a65f846a4a72a7449c
SSDEEP

24576:m2g8AFUAEUM91zfwVPIl6Mw3C1tvIgOB9Af8P2rU:+FUB9wRMUYL8P2rU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9fc3b845454f7588b0f48b017fb9a50_JaffaCakes118

Files

d9fc3b845454f7588b0f48b017fb9a50_JaffaCakes118
.exe windows:5 windows x86 arch:x86

974768965958bd869d9d0e7a3f15f6d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

PDB Paths

U:\fingers\labels\accordingly\Real.pdb

Imports

kernel32

GetProcessHeap
SetEndOfFile
FlushFileBuffers
SetFilePointer
SetStdHandle
IsProcessorFeaturePresent
LCMapStringW
GetStringTypeW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
HeapAlloc
RaiseException
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
CloseHandle
ReleaseMutex
FindNextFileA
LoadLibraryA
FindClose
GetProcAddress
GetLastError
FindFirstFileA
MultiByteToWideChar
lstrcatA
LoadLibraryW
WideCharToMultiByte
InitializeCriticalSection
WriteFile
ExitProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetConsoleMode
GetConsoleCP
ReadFile
SetLastError
GetModuleHandleW
TlsFree
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetCPInfo
CreateFileW
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
WaitForSingleObject
CreateFileA
TerminateProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapValidate
IsBadReadPtr
EnterCriticalSection
LeaveCriticalSection

user32

GetDlgItem
ReleaseDC
EndDialog
DefWindowProcA
SetWindowTextA
GetDialogBaseUnits
DispatchMessageW
TranslateMessage
InvalidateRect
GetDC
DestroyWindow
GetNextDlgGroupItem
SetTimer
GetWindowRect
GetMessageW
KillTimer
DrawTextA
LoadStringA
wsprintfA
GetClientRect
GetWindowTextLengthA
SendMessageA
BeginPaint
GetIconInfo
GetWindowTextA

gdi32

GetObjectA
SwapBuffers
DescribePixelFormat
SetTextColor
DeleteDC
CreateFontA
StretchBlt
CreateFontIndirectA
DeleteObject
SelectObject
CreateCompatibleDC
CreateBitmapIndirect
GetObjectW
ChoosePixelFormat
CreateICA
SetPixelFormat
CreateSolidBrush

oleaut32

SysStringLen
SysAllocStringLen

shlwapi

StrStrIA
PathCompactPathA
SHCreateStreamOnFileA

opengl32

glLoadIdentity
glColor3f
glFlush
glEnable
glLightfv
glLineWidth
glMatrixMode
glBlendFunc
wglGetCurrentDC
glBegin
glEnd
glOrtho
glClear
glViewport
glVertex2d

imm32

ImmAssociateContext

Sections

.text
Size: 877KB - Virtual size: 876KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

974768965958bd869d9d0e7a3f15f6d4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

oleaut32

shlwapi

opengl32

imm32

Sections

.text Size: 877KB - Virtual size: 876KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 100KB - Virtual size: 100KB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 877KB - Virtual size: 876KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 100KB - Virtual size: 100KB

.reloc
Size: 15KB - Virtual size: 15KB