3f8f740ff0b1650e954896b0f1c340a3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f8f740ff0b1650e954896b0f1c340a3_JaffaCakes118
Size

126KB
MD5

3f8f740ff0b1650e954896b0f1c340a3
SHA1

abca8790e83c097dae2464fa9ac93d1905be9e87
SHA256

ab8b702ff14e2f1a9f8326fdca7ccf64a9a022163cad8a3fe6972a073ca07b39
SHA512

d1dd91efad9decae68feac655be003d30ce51f8aa6ee6bff571406ca550f3555f817cb74f01170880def1d9c80f2b034b64dc2a9e00b47069875901cfcfe0fb6
SSDEEP

3072:PqAu28HSnq5CqmlsJE599AkDUTCSxoQNYFOX:PP8HSkaXR4TCmNN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f8f740ff0b1650e954896b0f1c340a3_JaffaCakes118

Files

3f8f740ff0b1650e954896b0f1c340a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b72ea603a107999c05302533db731ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

TranslateCharsetInfo
RestoreDC
CreateBitmap
PatBlt
SetTextColor
StretchBlt
CreateFontIndirectW
SetBkMode
Rectangle
CreateCompatibleDC

kernel32

GetTempPathW
WriteConsoleW
_lclose
DisableThreadLibraryCalls
FindFirstFileW
VirtualFree
lstrlenA
AllocConsole
GetProcAddress
FreeLibrary
GetWindowsDirectoryA
HeapAlloc
GetModuleHandleA
GetCurrentProcess
VirtualProtect
AddVectoredExceptionHandler
OutputDebugStringA
VirtualAlloc
GetStringTypeW
OutputDebugStringA
ExitThread
LoadLibraryW

msvcrt

wcslen
malloc
wcscat
strncpy
wcschr
_ftol
_controlfp
_wtol
wcscpy
_iob
_purecall
__CxxFrameHandler
_adjust_fdiv
_except_handler3
_c_exit
__initenv
wcscmp
memcpy
_snwprintf
_cexit
__winitenv
memset
swscanf
__dllonexit
_wcmdln
free
swprintf
isalpha
__p__fmode
_exit
__p__commode
_vsnprintf

opengl32

glTexCoord2d
glColor4d
glColor4i
glStencilMask
glTexCoord2dv
glFogfv
wglShareLists
GlmfBeginGlsBlock
glColor3ui
glColor4f

user32

ScreenToClient
LoadCursorA
DialogBoxParamA
LoadCursorW
SetScrollPos
CheckDlgButton
GetMenuItemCount
ReleaseDC
SendMessageW
SetCapture
BeginPaint
UnregisterClassW
DestroyWindow
GetProcessWindowStation
GetParent
CopyRect
ReleaseCapture
ClientToScreen
DispatchMessageW
LoadImageW
GetCursorPos
MapWindowPoints
LoadMenuW
IsWindow
RegisterClassA
SendMessageA
ValidateRect
wsprintfW

Exports

Exports

SmqErcntjk
IrbxdgdVnbhcuSsdxEfl
VfwypdHfmakKtykUw

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b72ea603a107999c05302533db731ff

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

msvcrt

opengl32

user32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 72B

.data Size: 116KB - Virtual size: 116KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 72B

.data
Size: 116KB - Virtual size: 116KB

.rsrc
Size: 3KB - Virtual size: 2KB