3cef25b7427339d05fea9a4401a74677_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3cef25b7427339d05fea9a4401a74677_JaffaCakes118
Size

353KB
MD5

3cef25b7427339d05fea9a4401a74677
SHA1

4b77ee213738ddccb6c26f1903f16cd5a149d5f8
SHA256

ac2bf7de114c1784385beb9cb650aad24d61f0e3e994ae6f846c0cb861dfeadc
SHA512

0c11fa48dc563407d13a356b8261b7c615c36d232108a787459890c883531a43a31e9cef076839a8544003b45ae15514c5d7ec86ca3003e035ad7240ebdcd125
SSDEEP

6144:vN5H1TT1WWXXvxAm3oMoUteIA2fCF7E/Ic18wHgE1xJwqigDp:15LWWXX/oMoq9AI8wHJ1xDp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cef25b7427339d05fea9a4401a74677_JaffaCakes118

Files

3cef25b7427339d05fea9a4401a74677_JaffaCakes118
.exe windows:1 windows x86 arch:x86

b6c3a06fcec62b354c296751458c523b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3drm

Direct3DRMCreate

ddraw

DirectDrawCreate

dsound

DirectSoundCreate

shell32

ShellExecuteA

winmm

mmioAscend
mmioClose
mmioDescend
mmioOpenA
mmioRead
joyGetDevCapsA
joyGetNumDevs
joyGetPos
joyGetPosEx
joyReleaseCapture
joySetCapture
joySetThreshold
mciSendStringA

kernel32

ExitProcess
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetExitCodeProcess
GetModuleHandleA
GetTickCount
GlobalAlloc
GlobalFree
RtlUnwind
Sleep

user32

GetClientRect
GetWindowRect
SetCapture
GetKeyboardState
LoadCursorA
LoadIconA
RegisterClassA
MessageBoxA
ShowCursor
SetCursorPos
SetCursor
GetCursorPos
PeekMessageA
GetDesktopWindow
TranslateMessage
DispatchMessageA
GetWindowDC
ReleaseDC
FillRect
PostMessageA
PostQuitMessage
ShowWindow
CreateWindowExA
DestroyWindow
DefWindowProcA

gdi32

BeginPath
FillPath
GetCharWidthA
GetCurrentObject
GetNearestColor
GetPaletteEntries
GetStockObject
GetTextMetricsA
LineTo
MoveToEx
Polygon
Polyline
RemoveFontResourceA
SelectObject
SetBkColor
SetBkMode
CreateBrushIndirect
SetMapMode
SetPaletteEntries
SetTextAlign
SetTextColor
SetViewportExtEx
SetWindowExtEx
TextOutA
AddFontResourceA
CreateFontA
CreatePen
DeleteObject
Ellipse
EndPath

crtdll

__GetMainArgs
abs
atan
cos
exit
fabs
fclose
fopen
fread
fwrite
memcpy
memset
qsort
raise
rand
signal
sin
sprintf
sqrt
srand
strcat
strchr
strcmp
strcpy
strlen
vsprintf

Sections

.text
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 17.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b6c3a06fcec62b354c296751458c523b

Headers

File Characteristics

Imports

d3drm

ddraw

dsound

shell32

winmm

kernel32

user32

gdi32

crtdll

Sections

.text Size: 194KB - Virtual size: 194KB

.bss Size: - Virtual size: 17.2MB

.data Size: 135KB - Virtual size: 135KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 7KB - Virtual size: 18KB

.text
Size: 194KB - Virtual size: 194KB

.bss
Size: - Virtual size: 17.2MB

.data
Size: 135KB - Virtual size: 135KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 7KB - Virtual size: 18KB