ab4f988a650c09c73063e2a87a27a2a0_JaffaCakes118

General

Target

ab4f988a650c09c73063e2a87a27a2a0_JaffaCakes118
Size

88KB
MD5

ab4f988a650c09c73063e2a87a27a2a0
SHA1

c2dc2cbcfae16f5fd1e8253ba79264e6ae91cc33
SHA256

0a39e6723b1e6bacc502dda523a4110f08a32f46ca3c897565f475f9887967ea
SHA512

651228356532c41fca43e8bd236906321d9b1f8447dc75455d0dcf535fda1e844723934222674d7d598973109c4edf5925b28e67db4ac13cdef2868dd9c84159
SSDEEP

1536:DRAkSc/Hrn3hXKrSNK5VIAJgG4MZmcEYNrxJc5sDOtcMjMD9:DRAtmRXySNK5aA94MZyYlGsmpjMJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab4f988a650c09c73063e2a87a27a2a0_JaffaCakes118

Files

ab4f988a650c09c73063e2a87a27a2a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e64abc7cd880c8905d04480b427539ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
GetDiskFreeSpaceExA
VirtualAlloc
ReadFileEx
GetProfileIntW
QueryPerformanceCounter
FindResourceA
GetModuleHandleA
GetLogicalDriveStringsW
CreateEventW
VirtualFreeEx
FormatMessageW
LoadLibraryA
VirtualFree
CreateDirectoryA
DeleteAtom
MoveFileA
VirtualProtect
GetModuleFileNameW

msvcrt

memcpy
_fpieee_flt
_rotr
strncpy
fgets
ispunct
_wfsopen
toupper
abs
wcstok
_wpopen
_tzname

comdlg32

PrintDlgA
PrintDlgW
FindTextW
LoadAlterBitmap
dwLBSubclass
Ssync_ANSI_UNICODE_Struct_For_WOW
WantArrows
PrintDlgExW
GetFileTitleW
PrintDlgExA
ReplaceTextW
ChooseFontW
ReplaceTextA
FindTextA
GetOpenFileNameW

winmm

mid32Message
mciGetYieldProc
waveOutSetVolume
auxGetDevCapsA
auxGetNumDevs
mmioAdvance
midiOutLongMsg
CloseDriver
waveInGetPosition

opengl32

glMaterialf
glNormal3d
glRasterPos4iv
glGetClipPlane
glEvalCoord2d
wglCopyContext
wglSetPixelFormat
glLogicOp
glFlush
glTexParameterfv
glVertex2sv
glMap2f
glMultMatrixd
glTexCoord1d
glVertex2fv
glIndexf
glTexCoord2s
glPopName

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e64abc7cd880c8905d04480b427539ce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

comdlg32

winmm

opengl32

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 22KB - Virtual size: 21KB

.reloc Size: 512B - Virtual size: 50B

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 22KB - Virtual size: 21KB

.reloc
Size: 512B - Virtual size: 50B