347f5e82ef100778183f164ca77c2c97_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

347f5e82ef100778183f164ca77c2c97_JaffaCakes118
Size

79KB
MD5

347f5e82ef100778183f164ca77c2c97
SHA1

c8364b122bcbf0a7565bec03476ed64ec439ffab
SHA256

ea1d292d173dce0e9c81b742452449ba4350bd37f6864e792388f25da1123b56
SHA512

02efea6fa73ee044b53b0eb74b683e24067510d2cf30d7842035f3974d1e2df7f3632f20c2a1ceb50289e04e432dcc1fcdd7968ee7987931f4d1549b5dca9951
SSDEEP

1536:z/rjgIh4LBRmTmjiFCxZfgg275W8gNKEAqCBekDVtWq7nXoX:7ngDuzFQ475wKEApB7EgXoX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
347f5e82ef100778183f164ca77c2c97_JaffaCakes118

Files

347f5e82ef100778183f164ca77c2c97_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6cac026146b6ac7d968d5a48f719e572

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
DosDateTimeToFileTime
TryEnterCriticalSection
ReadFileEx
GetStdHandle
GetStringTypeA
VirtualAlloc
GetProcAddress
GlobalHandle
ExitProcess
GetFileAttributesExA
CreateJobObjectA
LoadLibraryA
LoadResource
DuplicateHandle
CreateFileA
GetLastError
VirtualProtect
GetModuleHandleW
FindResourceW
ResetEvent
GetProfileSectionW
MapViewOfFileEx

msvcrt

is_wctype
fgetpos
_y1
_wstati64
_mbstrlen
memset
__p__winver
memcpy
__lc_handle
isspace
_CIlog
__unDNameEx
_telli64
_sopen
_strtime
_isnan
isalnum
_wpopen
iswctype
_cscanf
__STRINGTOLD
ispunct
?raw_name@type_info@@QBEPBDXZ
_nextafter
isupper
ctime

user32

InvalidateRect
EnableMenuItem
GetNextDlgTabItem
DialogBoxParamW
LoadStringW
MoveWindow
CheckRadioButton
TranslateAcceleratorW
GetClassNameW
SetWindowPlacement
FindWindowW
ModifyMenuW
LoadStringA
PrivateExtractIconsW

opengl32

glGetTexLevelParameterfv
glPixelZoom
glTexCoord1dv
glIndexub
glNormalPointer
glMap1f
glTexParameteri
glRasterPos4sv
glCopyPixels
glTexGeniv
glPolygonMode
glFlush
glInterleavedArrays
glColor3fv
glRectf
glRotated

Exports

Exports

LzRsnjaUtxyfdUilbpnBwr
PyXnlzdnUgaeWiucgpsMl
DpqidMcqaHavbZo
CrCarcmcBejzjyvGf

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 1024B - Virtual size: 537B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 22B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.media
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 650B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cac026146b6ac7d968d5a48f719e572

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

opengl32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 115B

.crt Size: 1024B - Virtual size: 537B

.tls Size: 512B - Virtual size: 22B

.media Size: 512B - Virtual size: 69B

.data Size: 1024B - Virtual size: 650B

.rsrc Size: 35KB - Virtual size: 35KB

.reloc Size: 512B - Virtual size: 116B

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 115B

.crt
Size: 1024B - Virtual size: 537B

.tls
Size: 512B - Virtual size: 22B

.media
Size: 512B - Virtual size: 69B

.data
Size: 1024B - Virtual size: 650B

.rsrc
Size: 35KB - Virtual size: 35KB

.reloc
Size: 512B - Virtual size: 116B