3954bb53415230476e5c2db94a09fc4e_JaffaCakes118

General

Target

3954bb53415230476e5c2db94a09fc4e_JaffaCakes118
Size

72KB
MD5

3954bb53415230476e5c2db94a09fc4e
SHA1

93c23ef32a489d37d18e5d680999ed8b6f6435cc
SHA256

0879ee0b4a375a16b3b8242b559ea4600910a0357c06a5037777489a4fb9a1a3
SHA512

326010e69baa885529c9a01a0b8496268cd43e3c8ff756c411cee5f02515b6293f0453f01dd09f026017736d6a7b8a4a849494258cb402fc47f15dd9f7969ed5
SSDEEP

1536:O9PIWsDXbLDBjCftctoqA2Izn5J7qvmtTA2dmtg7tRyWou:usDX4tctoJ7tfgtg7tz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3954bb53415230476e5c2db94a09fc4e_JaffaCakes118

Files

3954bb53415230476e5c2db94a09fc4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bda312f41c1960a5df7d17141f1e38b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
ExitProcess
FindClose
GetTimeZoneInformation
IsBadWritePtr
WaitForMultipleObjects
LoadLibraryA
VirtualProtect
GetLastError
LoadResource
FatalAppExitW
GetHandleInformation
CreateJobObjectW
DisableThreadLibraryCalls
LocalAlloc
GetModuleHandleA
GetCurrentDirectoryA
FindResourceExA
GetModuleHandleW
VirtualAlloc

msvcrt

_ecvt
_seh_longjmp_unwind
_utime
iscntrl
_mbstok
memcpy
strlen
_wrmdir
__STRINGTOLD
strlen
sprintf
_fcloseall
_rotr
_fstat
getchar
_rmtmp
_mbsncat
_CIlog
_loaddll

user32

InvalidateRect
SetClipboardData
LoadStringA
GetClassLongW
TranslateMessage
LoadStringW
MapVirtualKeyA
SetWindowPos
ModifyMenuA
GetMessageExtraInfo
UnregisterClassA
AppendMenuW
EnumDisplayMonitors
CheckMenuItem

gdi32

DeleteObject
CreateFontIndirectW
CombineRgn
GetTextExtentExPointW
GetPixel
CreateSolidBrush
CreateRectRgn
GetNearestPaletteIndex
SetBkMode
SetBrushOrgEx
GetRgnBox
EqualRgn
SetViewportExtEx
GetDIBits

opengl32

glVertex3f
glGetMaterialfv
glPopClientAttrib
glColor4dv
glLightfv
glRectdv
glColor3bv
glGetTexParameteriv
wglSwapMultipleBuffers
glColor4f
glColorMaterial

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 70B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bda312f41c1960a5df7d17141f1e38b9

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 15KB - Virtual size: 14KB

.rsrc Size: 28KB - Virtual size: 27KB

.reloc Size: 512B - Virtual size: 70B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 28KB - Virtual size: 27KB

.reloc
Size: 512B - Virtual size: 70B