2b3c188ea44252f927308080c1fd7fc9_JaffaCakes118

General

Target

2b3c188ea44252f927308080c1fd7fc9_JaffaCakes118
Size

410KB
MD5

2b3c188ea44252f927308080c1fd7fc9
SHA1

51513a78772b0ee50ab3542ef6720d38fe2fb9a2
SHA256

95b14500e01f192638e581fc3ed027507f63f77e852e5d65642754f3ec1ef354
SHA512

0e6c25762fc60012eec83e6ff9885e4e01ef3ba33c523fffdc75927f3e5e783e983bc182eacb6942ee1d241f580904fe0ac28fea35ad79d97d26a75c31c00ece
SSDEEP

6144:ncgUnnbP4Q8loJD1+VAf8+NqAt8HHWJuEs3YPzGlWOZHOVLauyuoem45W3IE:cgUnnz8loJpKCq1HWJu13YPKlM8uyuD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b3c188ea44252f927308080c1fd7fc9_JaffaCakes118

Files

2b3c188ea44252f927308080c1fd7fc9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

799ef977ed0f2ed534f9db30a1daac20

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedExchange
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
SetConsoleTitleA
GetProcessHeap
HeapFree
HeapAlloc
GetSystemTimeAsFileTime

msvcrt

_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
free
malloc

ntdll

RtlUnwind

glu32

gluQuadricTexture
gluEndTrim
gluLoadSamplingMatrices
gluPickMatrix
gluDeleteTess
gluLookAt
gluScaleImage
gluTessEndPolygon
gluNewNurbsRenderer
gluNurbsProperty
gluEndSurface
gluTessNormal
gluGetTessProperty
gluQuadricNormals
gluNextContour
gluBeginSurface
gluNurbsSurface
gluEndCurve
gluNewQuadric
gluProject
gluUnProject
gluQuadricOrientation
gluQuadricDrawStyle
gluNurbsCallback
gluPartialDisk

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 361KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

799ef977ed0f2ed534f9db30a1daac20

Headers

File Characteristics

Imports

kernel32

msvcrt

ntdll

glu32

Sections

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 361KB - Virtual size: 452KB

.rsrc Size: 1024B - Virtual size: 832B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 361KB - Virtual size: 452KB

.rsrc
Size: 1024B - Virtual size: 832B

.reloc
Size: 3KB - Virtual size: 2KB