2c8bf89bd21f8ea59c7fe0215e3282e5_JaffaCakes118

General

Target

2c8bf89bd21f8ea59c7fe0215e3282e5_JaffaCakes118
Size

21KB
MD5

2c8bf89bd21f8ea59c7fe0215e3282e5
SHA1

079528b41a5254ef1b23dbd6e7d72e73385414cf
SHA256

78bb16f547ee4935b65baebef6c534e965b6a877c59bd8d11db4a12cab2abe11
SHA512

07d04ce9dd26629b244d60d379485141b8e6162961d32320d61c0fdb25485c62a45e85866387f4e9b94d01041b237c3c7b50c8d430ce85881e51d93c4da62985
SSDEEP

384:v5wPu86E7awlkWvRvwRYJ8rjHe1DzqxDXnJ4X07Kc:CPb6WnGW5oce7e1DgnJ4Xjc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c8bf89bd21f8ea59c7fe0215e3282e5_JaffaCakes118

Files

2c8bf89bd21f8ea59c7fe0215e3282e5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

af420bbd21afda15ec19b2e97acb6f76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

fmod
ferror
fabs
_strdate
_strncnt
fwrite
_mbschr
_findclose
_memccpy
_abnormal_termination
atexit
_makepath
vprintf
_spawnvpe
_CIpow
_wcsnset
fseek

kernel32

GetPrivateProfileSectionA
EnumCalendarInfoExW
GetConsoleFontSize
AddConsoleAliasW
GetTickCount
GetAtomNameW
GetCurrentThreadId
VirtualAlloc
QueryPerformanceCounter
OutputDebugStringW
QueueUserWorkItem
IsDBCSLeadByteEx
OpenWaitableTimerA
GetCurrentProcessId
DebugActiveProcess
GetDiskFreeSpaceA
CreateDirectoryExA
WriteConsoleInputA
GetCommState
CreateIoCompletionPort
GetNamedPipeHandleStateW

opengl32

wglGetLayerPaletteEntries
glReadPixels
glTexCoord4iv
wglDescribePixelFormat
glCopyPixels
glTexCoord2d
glGetMapiv
glCopyTexImage2D
glIndexsv
glGetPixelMapfv
glRenderMode
glGetPixelMapusv
glNormal3b
glDrawArrays
glEnableClientState
glRasterPos3d
glTexCoord3f
glPolygonMode
glLightModeli
glInterleavedArrays
glFrontFace
glEndList
glColor4ubv
glMap1f
glRectfv
glVertex4dv

msvcrt20

??_Gofstream@@UAEPAXI@Z
_CItanh
??0ostrstream@@QAE@ABV0@@Z
??0istream@@QAE@PAVstreambuf@@@Z
_creat
_scalb
_wspawnvp
?is_open@fstream@@QBEHXZ
_wrmdir
_osver
?rdbuf@ifstream@@QBEPAVfilebuf@@XZ
_rotr
_commode
_write
??_Estreambuf@@UAEPAXI@Z

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 658B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af420bbd21afda15ec19b2e97acb6f76

Headers

DLL Characteristics

File Characteristics

Imports

crtdll

kernel32

opengl32

msvcrt20

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 1024B - Virtual size: 658B

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 1024B - Virtual size: 658B

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB