2b43368797c254ea33765355b94901ec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b43368797c254ea33765355b94901ec_JaffaCakes118
Size

167KB
MD5

2b43368797c254ea33765355b94901ec
SHA1

2b68f645d513342d2e2fd7ae8491becbe49bce30
SHA256

d02cfe902936901d2c073514b8ab39b01c8e5ef39caaac6a9e80924285615801
SHA512

7672d04afadbbebae524cbf99140478d4647e4848b08e9ad529a0fc0d635a6538d41799590f01c8a17735cb766052499ec5140504bc8f99ca07db12ff5a3c51b
SSDEEP

3072:xMuqsjyz7CsCSBj/0oOmjdqR+szPFN98ZOc:WASB7txhqR5z7T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b43368797c254ea33765355b94901ec_JaffaCakes118

Files

2b43368797c254ea33765355b94901ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e1b1ef123d36ab1ee415bd7d8db99ee8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateCompatibleDC
SaveDC
LineTo
PatBlt
SetTextAlign
CreatePalette
GetPixel
GetStockObject
SetTextColor
DeleteObject
GetDeviceCaps
GetTextMetricsA
SetStretchBltMode
DeleteDC
CreatePen
SelectObject
RectVisible
GetObjectA
GetClipBox
SetMapMode
CreateSolidBrush
SelectPalette
CreateFontIndirectA
RestoreDC

user32

TranslateMessage
GetDC
GetSystemMetrics
CharNextA
GetDesktopWindow
GetParent

kernel32

GetDriveTypeA
lstrcmpA
RemoveDirectoryA
GetUserDefaultLangID
QueryPerformanceCounter
GetCurrentProcessId
MulDiv
GetProcessHeap
GetCommandLineW
GetOEMCP
GetTickCount
GetConsoleOutputCP
GetModuleHandleA
lstrcmpiW
GlobalFindAtomA
GetCurrentThreadId
DeleteFileA
lstrlenW
CopyFileA
GetCommandLineA
lstrlenA
GetCurrentProcess
GlobalFindAtomW
GetModuleHandleW
GetThreadLocale
GetWindowsDirectoryA
GetACP
GetVersion
GetCurrentThread
GetStartupInfoA
DeleteFileW
lstrcmpiA
SetCurrentDirectoryA
VirtualAlloc
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Rneimvll
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Ktxkcqyg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1b1ef123d36ab1ee415bd7d8db99ee8

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Rneimvll Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Ktxkcqyg Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 10KB - Virtual size: 10KB

Rneimvll
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Ktxkcqyg
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 28KB - Virtual size: 28KB