JaffaCakes118_8ac60f0c96215000261b6de123546f4f

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_8ac60f0c96215000261b6de123546f4f
Size

126KB
MD5

8ac60f0c96215000261b6de123546f4f
SHA1

eb388c7aeed9012924b3861d6a99c92033a1e994
SHA256

c29e34377e5f43a61b64a6d0a89f39e358da4e53d497e66c87ba5329cc21a091
SHA512

0474dcb671ceb05fd7aac9abd09020e59677974a7ad979f94505250b8b2002ac885f93e54101b6ce9b08a5d76f6cd4fdf859cf1fe382a3af60e684afb153c503
SSDEEP

1536:0Bwbl69CulI5OpP3Ya/6xfthvfuS2fdgsyRfp5mZjigB+88vnj0isDdLXrRk6Akn:0BwblLulI5eIa0t2fdcigj0i0kkJ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_8ac60f0c96215000261b6de123546f4f

Files

JaffaCakes118_8ac60f0c96215000261b6de123546f4f
.exe windows:4 windows x86 arch:x86

0a057b04361fa282afe428973eed95a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetStretchBltMode
DeleteDC
CreatePen
GetTextMetricsW
CreateCompatibleDC
LineTo
GetObjectA
TextOutW
SelectPalette
GetTextExtentPointW
GetTextExtentPoint32W
GetStockObject
SetBkMode

kernel32

CreateFileMappingW
InitializeCriticalSection
LoadLibraryW
ReleaseMutex
GetProcAddress
LoadLibraryExW
SetFileTime
GetModuleHandleA
OutputDebugStringA
QueryPerformanceCounter
GetFileInformationByHandle
ReadFile
GetComputerNameExW
GetCommandLineW
VirtualProtect
ExpandEnvironmentStringsW
DeleteCriticalSection
SetFilePointer
GetFileAttributesA
SetErrorMode
lstrcpyA
VirtualProtect
AddAtomA
VirtualFree
VirtualAlloc
CreateMutexW
ExitProcess
EnterCriticalSection
TerminateThread
CreateThread
SetUnhandledExceptionFilter
GetLocalTime
DisableThreadLibraryCalls
GetFileType
WideCharToMultiByte
GetLocaleInfoA

msvcrt

_vsnprintf
__set_app_type
__getmainargs
free
_except_handler3
exit
__CxxFrameHandler
strncpy
_vsnwprintf
fprintf
__wgetmainargs
strchr
towupper
malloc
memcpy
memset
_wcmdln
_c_exit
toupper
__p__commode
__p__fmode
_wcsicmp
_initterm
memmove
isalpha
__dllonexit
swprintf
_adjust_fdiv
_ftol

opengl32

glRectf
glStencilOp
glNormal3bv
glStencilMask
glRasterPos4dv
glRasterPos4i
glColor4dv

user32

GetSystemMenu
WinHelpW
DrawIcon
CreateWindowExA
SetWindowLongW
GetMessageW
CheckRadioButton
SetWindowTextA
SetFocus
SetForegroundWindow
SetWindowsHookExW
ValidateRect
GetDlgItemInt
GetDesktopWindow
DispatchMessageW
MoveWindow
GetSysColor
DefWindowProcA
RegisterClipboardFormatW
IsDlgButtonChecked
ClientToScreen
MessageBeep
CreateWindowExW
DefWindowProcW
DrawEdge
IsRectEmpty
ShowCursor
SendMessageW

Exports

Exports

SmqErcntjk
IrbxdgdVnbhcuSsdxEfl
VfwypdHfmakKtykUw

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a057b04361fa282afe428973eed95a1

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

msvcrt

opengl32

user32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.data Size: 116KB - Virtual size: 116KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 68B

.rdata Size: 3KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.data
Size: 116KB - Virtual size: 116KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 68B

.rdata
Size: 3KB - Virtual size: 2KB