2d3b0f183a60a14d9a05ed12de3302c9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d3b0f183a60a14d9a05ed12de3302c9_JaffaCakes118
Size

170KB
MD5

2d3b0f183a60a14d9a05ed12de3302c9
SHA1

56acfd5e8a48d4a4ea9749a3d333391b1204d1c1
SHA256

5c8b959746296a52da46e10a920eab4fa9afae67b84b6ff07247b773cca341ee
SHA512

855fbac3a55af3d00bf74094e11d6fa9aad26c6b04feec308ee7ce95b8f5ea0f09e55b6d476aaae0236b52f28b5825f9e58a060dd5eb54dc2946a859a07aff7a
SSDEEP

3072:YX87uwWw3HAWeneg7eYhmeJx2QcIr5udSRMJLXvKU3:YXwW3Wej7e/eJcWQdF3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d3b0f183a60a14d9a05ed12de3302c9_JaffaCakes118

Files

2d3b0f183a60a14d9a05ed12de3302c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ff05cf6543d0bfff2e2a5614a560746

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

LineTo
RestoreDC
SetStretchBltMode
SetTextColor
GetDeviceCaps
SetMapMode
GetTextMetricsA
CreateSolidBrush
SelectPalette
CreateFontIndirectA
RectVisible
DeleteObject
GetObjectA
GetPixel
SelectObject
CreateCompatibleDC
SetTextAlign
CreatePen
SaveDC
PatBlt
GetClipBox
CreatePalette
GetStockObject
DeleteDC

user32

GetSystemMetrics
GetDC
GetParent
TranslateMessage
CharNextA
GetDesktopWindow

kernel32

GetModuleHandleA
MulDiv
GetCurrentProcessId
lstrcmpA
DeleteFileA
GetProcessHeap
GetCurrentThread
GetVersion
lstrlenW
GetUserDefaultLangID
GetCommandLineA
lstrcmpiW
GetCurrentProcess
GetTickCount
CopyFileA
GetStartupInfoA
lstrlenA
lstrcmpiA
GetOEMCP
DeleteFileW
IsDebuggerPresent
RemoveDirectoryA
GetModuleHandleW
GetThreadLocale
GetWindowsDirectoryA
GetDriveTypeA
GlobalFindAtomW
GetCommandLineW
GetACP
GetConsoleOutputCP
GetCurrentThreadId
SetCurrentDirectoryA
GlobalFindAtomA
QueryPerformanceCounter
VirtualAlloc
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Rguxvbms
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Xkvyhmxg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ff05cf6543d0bfff2e2a5614a560746

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Rguxvbms Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Xkvyhmxg Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 30KB - Virtual size: 104KB

.text
Size: 11KB - Virtual size: 10KB

Rguxvbms
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Xkvyhmxg
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 30KB - Virtual size: 104KB