0a14cc6fc3183d661e865789f241387d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a14cc6fc3183d661e865789f241387d_JaffaCakes118
Size

167KB
MD5

0a14cc6fc3183d661e865789f241387d
SHA1

2dc53440445a3bbb8bd5f585f95db2e3955c0604
SHA256

47a79a774e430c04e3e2f18bed1e63a5bc58f8acb7a87787fc78f33678d65209
SHA512

169f2f74c2cfff961c4378330b6a6827aabfffd3628f0b5c8fa2e460bc9e23676a3cafa2745eefd2223ad9f13ffab1fdaa46415b343ffc3704f93e25d9a106e7
SSDEEP

3072:HIaufBHT5v3giN6Klf5IIpDef6e3FcRX2p57t:HIakzSiBAVGw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a14cc6fc3183d661e865789f241387d_JaffaCakes118

Files

0a14cc6fc3183d661e865789f241387d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0325e9733e01446a7cae9244fa76b125

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
GetDC
GetParent
GetDesktopWindow
CharNextA
GetSystemMetrics

gdi32

SelectPalette
GetObjectA
SetTextColor
GetPixel
CreatePen
DeleteObject
SelectObject
CreateSolidBrush
SetStretchBltMode
SetTextAlign
CreateFontIndirectA
GetClipBox
RectVisible
PatBlt
GetTextMetricsA
GetDeviceCaps
SaveDC
DeleteDC
SetMapMode
LineTo
RestoreDC
CreatePalette
CreateCompatibleDC
GetStockObject

kernel32

GetConsoleOutputCP
RemoveDirectoryA
GetWindowsDirectoryA
GetUserDefaultLangID
DeleteFileW
GetCurrentProcess
GetModuleHandleA
GlobalFindAtomA
GlobalFindAtomW
DeleteFileA
lstrlenA
GetDriveTypeA
CopyFileA
GetModuleHandleW
lstrlenW
QueryPerformanceCounter
GetOEMCP
SetCurrentDirectoryA
GetCurrentThreadId
GetVersion
lstrcmpA
VirtualAlloc
GetCommandLineA
VirtualFree
IsDebuggerPresent
GetCurrentProcessId
GetTickCount
GetStartupInfoA
lstrcmpiA
GetCommandLineW
GetThreadLocale
GetCurrentThread
MulDiv
GetACP

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Kbcff. R
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Hpbhl, P
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0325e9733e01446a7cae9244fa76b125

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Kbcff. R Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Hpbhl, P Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 10KB - Virtual size: 10KB

Kbcff. R
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Hpbhl, P
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 28KB - Virtual size: 28KB