Static task
static1
Behavioral task
behavioral1
Sample
3a9429234ca6f8d836d3e5c33246df9c_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3a9429234ca6f8d836d3e5c33246df9c_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
3a9429234ca6f8d836d3e5c33246df9c_JaffaCakes118
Size
183KB
MD5
3a9429234ca6f8d836d3e5c33246df9c
SHA1
4c5057204bf7372282cc0382e8a4528e2973ddcc
SHA256
19b37daa5a7e7d4b294ba49786142621e9ba933d9c53ba50c511d6f3457fb73a
SHA512
9ca86f706c51a2c3d5c57671ec6492308df640b4f54387843490468c64b2356b6feb64f8593ffa631e2f750d8a9c24d85b4f3e6a3ee0d024f5e1a15983538c70
SSDEEP
3072:8jni1oCiptKwHoIs60nlarGU3rnBc4FJ9IkslsoL3UJpe114UVW5QtzGGgAkEL52:T1tLIoIN0nArbntFkkslM3e119nC5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3a9429234ca6f8d836d3e5c33246df9c_JaffaCakes118
Files
3a9429234ca6f8d836d3e5c33246df9c_JaffaCakes118.exe windows:5 windows x86 arch:x86
c8a03058c1e0b40a90112b0d2783ca60
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InterlockedCompareExchange
GetVersion
VirtualFree
WaitForSingleObject
GetProcessHeap
GetProcAddress
GetModuleFileNameW
GetStringTypeA
InterlockedExchange
GetSystemTimeAsFileTime
lstrcmpW
GlobalDeleteAtom
InitializeCriticalSection
ExitProcess
GetCurrentThreadId
GetTickCount
Sleep
GetLastError
DeleteCriticalSection
MultiByteToWideChar
GetTempFileNameA
VirtualAlloc
GetModuleHandleA
lstrlenW
EnterCriticalSection
SetThreadPriority
LoadLibraryA
LocalFree
LoadLibraryW
GetModuleFileNameA
GetCPInfo
LeaveCriticalSection
FindResourceA
user32
SendMessageW
IsIconic
GetNextDlgTabItem
DialogBoxParamW
CopyRect
GetDlgCtrlID
ReleaseDC
MessageBoxA
EndDialog
GetSysColor
PostQuitMessage
IsWindow
SetDlgItemTextW
TrackPopupMenu
opengl32
glRotatef
msvcrt
__CxxFrameHandler
__wgetmainargs
realloc
??3@YAXPAX@Z
fflush
gdi32
StretchBlt
CreateFontIndirectW
CreateCompatibleDC
shell32
SHGetMalloc
Sections
.text Size: 115KB - Virtual size: 115KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ