2fb647775fd50de1ee6a085f1b461f04_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2fb647775fd50de1ee6a085f1b461f04_JaffaCakes118
Size

168KB
MD5

2fb647775fd50de1ee6a085f1b461f04
SHA1

88a762df9e82fbc78ed3969a8ac9fdabc2c91bf6
SHA256

93e97c7d001491fd76c6b2514952178b68179ee213daac348161a6179be46ca2
SHA512

f53594eb179ea73ca08dd6f635af4598661252bbec0c7deac04f0b9bb326f4cdeb4d7b2d13e08610e2bc7eec6b1f2d444fde13489d0574fe92ea4fbf2c94c9f8
SSDEEP

3072:0ItEWt0SQfjycMztcOUoyvpeIsSk6QmTQoX0EgqEF:XP0SOjyDtJHyU16QcrW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fb647775fd50de1ee6a085f1b461f04_JaffaCakes118

Files

2fb647775fd50de1ee6a085f1b461f04_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a3b0edf583f544a5575f13b9d73968f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

RectVisible
SetTextColor
CreateCompatibleDC
GetDeviceCaps
SelectPalette
SelectObject
CreateFontIndirectA
RestoreDC
LineTo
SaveDC
CreatePen
PatBlt
DeleteObject
SetMapMode
DeleteDC
GetObjectA
GetClipBox
CreateSolidBrush
GetStockObject
GetPixel
SetStretchBltMode
CreatePalette
SetTextAlign
GetTextMetricsA

kernel32

GetCurrentProcessId
lstrcmpiA
GetDriveTypeA
GetCommandLineW
GlobalFindAtomA
GetVersion
GetOEMCP
lstrcmpiW
GetCurrentThreadId
GetModuleHandleA
GetCommandLineA
GetACP
QueryPerformanceCounter
CopyFileA
GetCurrentThread
GetModuleHandleW
GetStartupInfoA
GetThreadLocale
GlobalFindAtomW
DeleteFileW
SetCurrentDirectoryA
RemoveDirectoryA
IsDebuggerPresent
DeleteFileA
GetCurrentProcess
lstrcmpA
GetProcessHeap
lstrlenA
MulDiv
GetUserDefaultLangID
GetTickCount
GetConsoleOutputCP
lstrlenW
GetWindowsDirectoryA
VirtualAlloc
VirtualFree

user32

GetDC
GetSystemMetrics
TranslateMessage
GetParent
CharNextA
GetDesktopWindow

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Pxiyfavo
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Uujgi, I
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3b0edf583f544a5575f13b9d73968f4

Headers

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Pxiyfavo Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Uujgi, I Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 11KB - Virtual size: 10KB

Pxiyfavo
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Uujgi, I
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 28KB - Virtual size: 28KB