0c6c55e68f18b50e6c8f3be8e0ee2ebf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c6c55e68f18b50e6c8f3be8e0ee2ebf_JaffaCakes118
Size

169KB
MD5

0c6c55e68f18b50e6c8f3be8e0ee2ebf
SHA1

6e665e2ed0d91889e1da6e96f03f2b10059a7398
SHA256

189b44dbc5774c7cabc711e98acee064e36b7c53150954d3e1124b4d048b8b32
SHA512

9ebcf1cafdadd824c235684f09ad27a95e59371f9e7b47a025d69edc6bb1e8b05b8485808937f47488ec2461dbb99ef0b952bca15b2691ff0b13683bd347fd77
SSDEEP

3072:Jsui2Jeyju8mXlIdPSx/SVQXK9rLbplQvMDH8:SR23jkXlIewlRbsH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c6c55e68f18b50e6c8f3be8e0ee2ebf_JaffaCakes118

Files

0c6c55e68f18b50e6c8f3be8e0ee2ebf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fc86bbdfb2fd48303808aafcbb62fe40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
GetDC
TranslateMessage
GetSystemMetrics
GetDesktopWindow
GetParent

kernel32

GetCommandLineW
GetUserDefaultLangID
GetOEMCP
GetTickCount
GetModuleHandleW
RemoveDirectoryA
GetWindowsDirectoryA
lstrcmpA
GetVersion
GetModuleHandleA
GetCurrentThreadId
DeleteFileA
lstrlenW
CopyFileA
GlobalFindAtomW
GetThreadLocale
GetDriveTypeA
lstrcmpiA
GetCurrentProcessId
lstrcmpiW
SetCurrentDirectoryA
GetProcessHeap
GetConsoleOutputCP
GetACP
MulDiv
QueryPerformanceCounter
IsDebuggerPresent
GetCommandLineA
GetCurrentProcess
VirtualAlloc
GetCurrentThread
VirtualFree
lstrlenA
GlobalFindAtomA
GetStartupInfoA
DeleteFileW

gdi32

SetMapMode
GetTextMetricsA
CreatePalette
LineTo
SelectObject
SetStretchBltMode
RectVisible
DeleteDC
CreateCompatibleDC
GetPixel
DeleteObject
SetTextColor
RestoreDC
GetObjectA
SaveDC
GetDeviceCaps
CreateFontIndirectA
PatBlt
GetClipBox
CreateSolidBrush
GetStockObject
SetTextAlign
SelectPalette
CreatePen

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Fgbg. Gx
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Nrijde H
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc86bbdfb2fd48303808aafcbb62fe40

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Fgbg. Gx Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Nrijde H Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 11KB - Virtual size: 10KB

Fgbg. Gx
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Nrijde H
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 31KB - Virtual size: 30KB