3ec5ddcbd0767f60ca666d063979188b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ec5ddcbd0767f60ca666d063979188b_JaffaCakes118
Size

298KB
MD5

3ec5ddcbd0767f60ca666d063979188b
SHA1

0d71af83e076bbd2839294d349f4a9bafda50616
SHA256

3b96f4435f44cdc5150fcced242de1c0c32a32bfff60f0238debe2e91c3630d1
SHA512

ba4d0f67ad9ce265a52345ce3787982ce1682db590e056f5f86ffa5884a2ca81aaa50f2e6ff95a7134f4a2bb28dc9fdf683c6fb7efc93b5cec50d8646c3f0a42
SSDEEP

6144:vGBQnNgj+A97MzIGNJljcAaqTZMZSOGD4foVKTBXHbZ:OdfM/VMZStD4foVKTr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ec5ddcbd0767f60ca666d063979188b_JaffaCakes118

Files

3ec5ddcbd0767f60ca666d063979188b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f4f71f9e72b0d1063528989ca1132e56

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

pow
cos
rand
sin
log
strlen
strncmp
memchr
strcmp
??3@YAXPAX@Z
memset
strcpy
sqrt
free
_adjust_fdiv
_initterm
floor
calloc
_CIpow
fabs
??2@YAPAXI@Z
isalnum
sprintf
strncpy
srand
realloc
malloc
memmove
ceil
memcpy
exp
_purecall

kernel32

FlushInstructionCache
SetLastError
GetSystemInfo
VirtualAlloc
VirtualProtect
DeviceIoControl
CloseHandle
CreateFileA
SetPriorityClass
GetCurrentProcess
GetVersionExA
DisableThreadLibraryCalls
MulDiv
HeapAlloc
GetProcessHeap
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcatA
lstrcpyA
lstrlenA
GetModuleFileNameA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapFree
GetVersion

iphlpapi

GetAdaptersInfo

user32

RemovePropA
SetPropA
GetClientRect
GetWindowLongA
FillRect
GetSysColor
DrawFrameControl
SetRect
GetSystemMetrics
GetSysColorBrush
DrawEdge
GetWindowRect
GetParent
OffsetRect
GetWindowDC
ReleaseDC
CopyRect
MapWindowPoints
CallWindowProcA
PtInRect
SetCapture
SetTimer
KillTimer
ReleaseCapture
GetMessagePos
ScreenToClient
GetCursorPos
ShowScrollBar
SetWindowLongA
SetScrollInfo
SetScrollPos
GetScrollRange
GetScrollPos
GetScrollInfo
EnableScrollBar
SendMessageA
SetWindowPos
GetPropA
MessageBoxA
SetScrollRange

gdi32

ExtTextOutA
CreatePatternBrush
SetBrushOrgEx
PatBlt
CreateCompatibleDC
CreateBitmap
UnrealizeObject
SelectObject
CreateCompatibleBitmap
SetBkColor
BitBlt
GetStockObject
SetTextColor
DeleteObject
DeleteDC

Exports

Exports

_resetstkoflw
_set_security_error_handler
lrand48
srand48
ttpcomm_getversion

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

text
Size: 512B - Virtual size: 119B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4f71f9e72b0d1063528989ca1132e56

Headers

File Characteristics

Imports

msvcrt

kernel32

iphlpapi

user32

gdi32

Exports

Exports

Sections

.text Size: 145KB - Virtual size: 144KB

text Size: 512B - Virtual size: 119B

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 26KB - Virtual size: 150KB

.tls Size: 512B - Virtual size: 28B

.reloc Size: 104KB - Virtual size: 104KB

.text
Size: 145KB - Virtual size: 144KB

text
Size: 512B - Virtual size: 119B

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 26KB - Virtual size: 150KB

.tls
Size: 512B - Virtual size: 28B

.reloc
Size: 104KB - Virtual size: 104KB