3ce7d3f29193156f9235531c2e6dcd66_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ce7d3f29193156f9235531c2e6dcd66_JaffaCakes118
Size

37KB
MD5

3ce7d3f29193156f9235531c2e6dcd66
SHA1

a4e6fd8e4a58ecc9b3c02175c5ec6d39b85cf336
SHA256

171ab0653d796212cdc250d69023322c0d2e3ad1b4dd8c9e7ef82d60cca8bd8e
SHA512

37c867b95ebfcfc20a917ed26657654eaf3bc472e34167e85e50e1606738023ab91c249a65cb32a41ca6427d07f8e4442bc343a3464f1484d232966888631b8a
SSDEEP

384:4O2hcQP1kQ1394inuCFXnyefYPUugMC9GPzs/PxlUbWdtdGtd7PCy6QP:wc6uCFXyeYPjCUs/rUSG+oP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ce7d3f29193156f9235531c2e6dcd66_JaffaCakes118

Files

3ce7d3f29193156f9235531c2e6dcd66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d22041e7c7e8401018891f3f714a9437

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\OpenCV2.0\vc2005\bin\Debug\opencv_performanced.pdb

Imports

cxcore200d

cvFree_
cvReleaseImage
cvCreateMemStorage
cvReleaseMemStorage
cvAlloc
cvClearMemStorage
cvGetSeqElem
cvRectangle

cv200d

cvHaarDetectObjects
cvLoadHaarClassifierCascade
cvReleaseHaarClassifierCascade

highgui200d

cvLoadImage
cvSaveImage

msvcr80d

atof
strcmp
printf
strrchr
sqrt
??2@YAPAXI@Z
_CRT_RTC_INITW
_configthreadlocale
__setusermatherr
atoi
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_amsg_exit
__getmainargs
_exit
_XcptFilter
_cexit
exit
__initenv
_CrtSetCheckCount
_CrtDbgReportW
_initterm
_initterm_e
_crt_debugger_hook
_controlfp_s
_invoke_watson
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
strcpy
fopen
feof
fscanf
clock
__iob_func
fflush
strcat
fclose
fprintf
??_V@YAXPAX@Z
_adjust_fdiv

kernel32

FreeLibrary
VirtualQuery
GetModuleFileNameW
GetProcessHeap
HeapAlloc
HeapFree
FatalAppExitA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
LoadLibraryA
GetProcAddress
lstrlenA
MultiByteToWideChar
IsDebuggerPresent
WideCharToMultiByte
DebugBreak
RaiseException
InterlockedCompareExchange
Sleep
InterlockedExchange
TerminateProcess

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d22041e7c7e8401018891f3f714a9437

Headers

File Characteristics

PDB Paths

Imports

cxcore200d

cv200d

highgui200d

msvcr80d

kernel32

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 3KB - Virtual size: 3KB