31eb6f03304952c3d88fc25b6386b981_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

31eb6f03304952c3d88fc25b6386b981_JaffaCakes118
Size

168KB
MD5

31eb6f03304952c3d88fc25b6386b981
SHA1

2243e7dbf6618c4210432b8b9c7434db78e7bc00
SHA256

aab1636879fe684efe5abe5b2792c903fe534d65b6f094c12d4418ca4b106778
SHA512

0ba051579724ec17efc9d3c250a15cec291326de8d05f1c3038aa077e85909d990fea8b6fd4270299d2b0f876a9a033f71f2c1c328c8020a24ccedf63b53787c
SSDEEP

3072:Aj72BATmirAmzG9tqyxHTFEfrP6SC1jTDHDuT1:AGBAT1rzzSqCTFEr6SI2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31eb6f03304952c3d88fc25b6386b981_JaffaCakes118

Files

31eb6f03304952c3d88fc25b6386b981_JaffaCakes118
.exe windows:4 windows x86 arch:x86

643440845a8bd9cdc855ea6d1d7a3b37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
TranslateMessage
GetSystemMetrics
GetParent
GetDC
GetDesktopWindow

gdi32

SetTextColor
LineTo
SetMapMode
SetStretchBltMode
GetClipBox
PatBlt
GetTextMetricsA
SetTextAlign
GetPixel
CreatePalette
DeleteDC
DeleteObject
CreateCompatibleDC
SaveDC
SelectObject
RectVisible
CreatePen
CreateSolidBrush
GetObjectA
RestoreDC
CreateFontIndirectA
GetDeviceCaps
SelectPalette

kernel32

GetTickCount
GetDriveTypeA
SetCurrentDirectoryA
GetProcessHeap
GetOEMCP
lstrlenW
DeleteFileW
GetStartupInfoA
CopyFileA
GetACP
GetCurrentProcessId
GetWindowsDirectoryA
GetCurrentThread
lstrcmpA
lstrlenA
GetThreadLocale
MulDiv
GetCurrentProcess
GetModuleHandleA
GetVersion
GetUserDefaultLangID
GlobalFindAtomA
VirtualAlloc
VirtualFree
lstrcmpiW
IsDebuggerPresent
GetCommandLineA
GetCurrentThreadId
GetCommandLineW
GetModuleHandleW
GlobalFindAtomW
QueryPerformanceCounter
RemoveDirectoryA
GetConsoleOutputCP
DeleteFileA
lstrcmpiA

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Uvhibayn
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sxodaydu
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

643440845a8bd9cdc855ea6d1d7a3b37

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Uvhibayn Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Sxodaydu Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 11KB - Virtual size: 11KB

Uvhibayn
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Sxodaydu
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 28KB - Virtual size: 27KB