85da81fe4849f6c2211001c151f83073_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

85da81fe4849f6c2211001c151f83073_JaffaCakes118
Size

99KB
MD5

85da81fe4849f6c2211001c151f83073
SHA1

863ad295c1c882bac74c9fd384180301c7d0aea7
SHA256

e923372633a5c6d5442b4a4e0016161799eef79bb3241b619163c162b03c23a3
SHA512

61e83f66077cc4ae72407d2623a12e30d704ecbc54827864f13c56483dd726e1d5931f8c9512d76f4d6381168212c8a096b19af177fc6d1497e8f8f722c82bc2
SSDEEP

1536:Gua93gDdIOQaDTrp9o85pCRn39pdVCBIrZUkWb8AGAWyzLrb+gvIlOM:G5gaOQa/otpdVKOUkGJW4+fl5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85da81fe4849f6c2211001c151f83073_JaffaCakes118

Files

85da81fe4849f6c2211001c151f83073_JaffaCakes118
.dll windows:1 windows x86 arch:x86

77803399af671f304a034ac640c0c2dd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FatalAppExitA
FlushFileBuffers
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetEnvironmentStringsA
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetVersion
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalUnlock
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
LocalHandle
LocalLock
LocalReAlloc
LocalUnlock
MultiByteToWideChar
ResumeThread
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetEnvironmentVariableW
SetFilePointer
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteFile

user32

AppendMenuA
CharUpperA
CopyRect
GetMenuState
GetMenuStringA
GetMessageA
GetSubMenu
GetTopWindow
GetWindowLongA
GetWindowPlacement
InsertMenuA
MessageBoxA
ModifyMenuA
SetMenu
SetWindowLongA
SetWindowPlacement

gdi32

Arc
BitBlt
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectA
CreatePen
CreateSolidBrush
DeleteDC
DeleteObject
Ellipse
GetBkColor
GetBkMode
GetCurrentPositionEx
GetDeviceCaps
GetObjectA
GetStockObject
GetTextExtentPointA
GetTextMetricsA
LineTo
MoveToEx
Pie
Polygon
RectVisible
Rectangle
RestoreDC
SaveDC
SelectObject
SetBkColor
SetBkMode
SetBrushOrgEx
SetMapMode
SetTextAlign
SetTextColor
TextOutA

Exports

Exports

_three_d_begin@8
_three_d_box@40
_three_d_draw@4
_three_d_end@4
_three_d_fini@0
_three_d_get@8
_three_d_init@0
_three_d_set@12

Sections

AUTO
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77803399af671f304a034ac640c0c2dd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

AUTO Size: 83KB - Virtual size: 83KB

.idata Size: 3KB - Virtual size: 2KB

DGROUP Size: 7KB - Virtual size: 13KB

.edata Size: 512B - Virtual size:

.reloc Size: 4KB - Virtual size:

AUTO
Size: 83KB - Virtual size: 83KB

.idata
Size: 3KB - Virtual size: 2KB

DGROUP
Size: 7KB - Virtual size: 13KB

.edata
Size: 512B - Virtual size:

.reloc
Size: 4KB - Virtual size: