4af9540a21dcc3dff9d509d221a0e0fa_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4af9540a21dcc3dff9d509d221a0e0fa_JaffaCakes118
Size

92KB
MD5

4af9540a21dcc3dff9d509d221a0e0fa
SHA1

54415468964cca866b49036faca5e6d1189c1c7a
SHA256

0e3f77bfb203e8312ee2284bdbc54584b228f6fe22e60c0958a792b8bd59a3e1
SHA512

412095e4ee125d04f80e4ac10dfd530f13138b7b979647db102bddef66e3bfd4c7d1a2fde28a4900972c76b6781f8dc308e3c4fffc5bf74f4572f292f4018c9b
SSDEEP

1536:PNXN4+7ZczhwUUYmbSASDO2MFCvJgZP1a0:P4VwUUYmWbDO2EPg0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4af9540a21dcc3dff9d509d221a0e0fa_JaffaCakes118

Files

4af9540a21dcc3dff9d509d221a0e0fa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

87e9678ca23a187076489bbb79dd656d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\opencv_project\program\cvision4\Debug\cvision.pdb

Imports

cxcore210

cvReleaseImage

highgui210

cvNamedWindow
cvLoadImage
cvDestroyAllWindows
cvShowImage

mfc90d

ord3559
ord3541
ord3539
ord3557
ord3569
ord3546
ord3562
ord3567
ord3550
ord3552
ord3554
ord3548
ord3564
ord3544
ord1226
ord1222
ord1224
ord1220
ord1215
ord7596
ord7598
ord8803
ord2306
ord6445
ord6972
ord5166
ord1903
ord3243
ord7547
ord6335
ord9296
ord7377
ord2699
ord7492
ord9298
ord2035
ord5950
ord2335
ord2338
ord8715
ord4634
ord2251
ord2252
ord2408
ord2409
ord6773
ord7160
ord6986
ord6365
ord7523
ord2847
ord6102
ord1475
ord8573
ord699
ord1131
ord1736
ord5912
ord6121
ord322
ord5168
ord7237
ord7001
ord869
ord2940
ord3748
ord8218
ord5034
ord598
ord5953
ord776
ord4708
ord2862
ord4642
ord440
ord3254
ord5043
ord7256
ord8667
ord4470
ord1971
ord7516
ord2780
ord2383
ord2382
ord2305
ord7544
ord4329
ord6669
ord6424
ord3031
ord1772
ord4873
ord406
ord5454
ord750
ord5744
ord1452
ord8837
ord2861
ord926
ord946
ord6124
ord6081
ord9299
ord5703
ord9297
ord6495
ord2904
ord2859
ord8123
ord5712
ord1386
ord7419
ord9228
ord7822
ord5746
ord2714
ord4451
ord7580
ord7582
ord3335
ord5954
ord6761
ord7592
ord7557
ord8106
ord3791
ord4105
ord4301
ord6476
ord4082
ord4304
ord3794
ord3981
ord3783
ord5563
ord5564
ord5554
ord3979
ord5957
ord6664
ord6423
ord3138
ord1860
ord8241
ord5026
ord687
ord6729
ord5496
ord939
ord3241
ord2210
ord9300
ord5704
ord6404
ord1666
ord1405
ord1502

msvcr90d

__set_app_type
__p__fmode
__p__commode
_setmbcp
_adjust_fdiv
__setusermatherr
_configthreadlocale
_decode_pointer
_onexit
_lock
__CxxFrameHandler3
_encode_pointer
__dllonexit
_unlock
_CRT_RTC_INITW
??_V@YAXPAX@Z
_amsg_exit
_invoke_watson
_controlfp_s
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_initterm_e
_initterm
_CrtDbgReportW
_CrtSetCheckCount
_acmdln
_ismbblead
exit
_cexit
_XcptFilter
_exit
__getmainargs

kernel32

InterlockedCompareExchange
GetStartupInfoA
IsDebuggerPresent
RaiseException
WideCharToMultiByte
MultiByteToWideChar
Sleep
GetProcAddress
LoadLibraryA
TerminateProcess
MulDiv
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
lstrlenA
DebugBreak
QueryPerformanceCounter
GetTickCount
FreeLibrary
VirtualQuery
GetModuleFileNameW
GetProcessHeap
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
InterlockedExchange

user32

GetSystemMetrics
CopyRect
IsRectEmpty
PtInRect
SetRect
SetRectEmpty
EqualRect
InflateRect
OffsetRect
IntersectRect
UnionRect
SubtractRect

comctl32

InitCommonControlsEx

oleaut32

SysFreeString

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87e9678ca23a187076489bbb79dd656d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

cxcore210

highgui210

mfc90d

msvcr90d

kernel32

user32

comctl32

oleaut32

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 2KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 30KB - Virtual size: 29KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 2KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 30KB - Virtual size: 29KB