174aa655199682728ae3b7c17a250aca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

174aa655199682728ae3b7c17a250aca_JaffaCakes118
Size

167KB
MD5

174aa655199682728ae3b7c17a250aca
SHA1

118dc1df2654fcb754ad3fd1dc1a9d654d997a8a
SHA256

abfeb61ebc5a5c598be531d459035a1fb2863421639d26f020a4bc9ee7a00f61
SHA512

195127da517ae43c46b11fd8c1172005c74eda5d54f1d8a73b10b43dc64efd262acf1a07b3fa953caa53e38237106374e847fe458cb356d2a615204c6618a8d6
SSDEEP

3072:MjTXxLqGjUwdsNUhsYa6TwbJv2Y3+oPa64TbM6C3Za:+B+Ers0/wf3+oPl4TbZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
174aa655199682728ae3b7c17a250aca_JaffaCakes118

Files

174aa655199682728ae3b7c17a250aca_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2a39fa5bead8a741cb8985659a5ef0f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
CharNextA
TranslateMessage
GetDesktopWindow
GetDC
GetSystemMetrics

gdi32

SelectPalette
CreateCompatibleDC
SaveDC
LineTo
SetMapMode
RectVisible
CreateFontIndirectA
GetDeviceCaps
GetPixel
GetClipBox
DeleteDC
SetStretchBltMode
CreatePalette
SetTextAlign
PatBlt
GetTextMetricsA
GetObjectA
SetTextColor
CreateSolidBrush
DeleteObject
CreatePen
RestoreDC
GetStockObject
SelectObject

kernel32

lstrcmpiA
VirtualAlloc
lstrcmpA
DeleteFileA
VirtualFree
GlobalFindAtomW
GetCommandLineW
GetModuleHandleW
GlobalFindAtomA
lstrlenW
GetConsoleOutputCP
MulDiv
GetThreadLocale
GetCurrentThread
GetDriveTypeA
SetCurrentDirectoryA
GetCurrentProcess
GetModuleHandleA
GetVersion
GetOEMCP
CopyFileA
GetWindowsDirectoryA
GetStartupInfoA
GetTickCount
lstrlenA
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
GetACP
DeleteFileW
QueryPerformanceCounter
GetCurrentProcessId
GetUserDefaultLangID
RemoveDirectoryA
GetProcessHeap

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Suot Mtp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Gtlpongr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dexbavt
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2a39fa5bead8a741cb8985659a5ef0f9

Headers

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Suot Mtp Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Gtlpongr Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 101KB

.rsrc Size: 28KB - Virtual size: 56KB

dexbavt Size: 29KB - Virtual size: 32KB

.text
Size: 11KB - Virtual size: 11KB

Suot Mtp
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Gtlpongr
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 101KB

.rsrc
Size: 28KB - Virtual size: 56KB

dexbavt
Size: 29KB - Virtual size: 32KB