3c0bf1da3456c5f2fa4c54f3d933de53_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c0bf1da3456c5f2fa4c54f3d933de53_JaffaCakes118
Size

117KB
MD5

3c0bf1da3456c5f2fa4c54f3d933de53
SHA1

b0145d30fb2d7fc28b947271df9f4b333569a64c
SHA256

8c66118f2518310d9ea7aa501ba8c14920dfb0ff41d4d3a0a7e07935aa6dd6d2
SHA512

b030e01437500f43519de0ae006c2f50a3487261d3f861e85183d40c67e08cf4c7bdcb481c6a3f2b29ad56349cd6234d301711cbdc3a115f5c29123e6884977d
SSDEEP

3072:6E7u6GTvmHF1UasmdV0rCvj6hvIj0U+K+rOoaXw6lJQPxNBLQdn:6EfGLmpsmErCvj5+hroALy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c0bf1da3456c5f2fa4c54f3d933de53_JaffaCakes118

Files

3c0bf1da3456c5f2fa4c54f3d933de53_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a09d589a9fcc03e2f82d7b3f808e604

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
OutputDebugStringA
VirtualAlloc
BeginUpdateResourceW
VirtualProtect
ExitThread
GetProcAddress
_lclose
GetWindowsDirectoryA
GetModuleHandleA
FreeLibrary
lstrlenA
GetModuleHandleW
WriteConsoleW
GetLastError
VirtualFree
FindFirstFileW
HeapAlloc
BindIoCompletionCallback
LoadLibraryW
GetStringTypeW

msvcrt

wcscpy
__p__fmode
_wcmdln
_vsnprintf
is_wctype
isalpha
_snwprintf
_purecall
_adjust_fdiv
_controlfp
_iob
strncpy
__winitenv
__dllonexit
_wtol
_ftol
swscanf
__p__commode
_c_exit
wcscat
_exit
wcslen
__CxxFrameHandler
iscntrl
memcpy
wcschr
_except_handler3
wcscmp
free
swprintf
_cexit
__initenv
malloc

opengl32

glColor4f
glColor4i
glTexCoord2d
glFogfv
glColor4d
glTexCoord2dv
glColor3ui
wglShareLists
glStencilMask
GlmfBeginGlsBlock

shell32

ShellExecuteW
SHGetFolderPathW
SHGetPathFromIDListW
SHGetFileInfoW

user32

CheckDlgButton
ReleaseDC
ClientToScreen
DialogBoxParamA
DestroyWindow
SendMessageW
CopyRect
SetCapture
wsprintfW
GetParent
IsWindow
LoadCursorA
GetProcessWindowStation
LoadCursorW
UnregisterClassW
MapWindowPoints
BeginPaint
GetMenuItemCount
RegisterClassA
LoadMenuW
DispatchMessageW
SendMessageA
ScreenToClient
GetCursorPos
ReleaseCapture
LoadImageW
SetScrollPos

Exports

Exports

KmmbTobyhhTytqsGf
BxsUoytkpPsl
TanudMqnek

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a09d589a9fcc03e2f82d7b3f808e604

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

opengl32

shell32

user32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 118B

.data Size: 97KB - Virtual size: 96KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 108B

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 118B

.data
Size: 97KB - Virtual size: 96KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 108B