33dbdf79644e702c5aa854b7d7f41c08_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

33dbdf79644e702c5aa854b7d7f41c08_JaffaCakes118
Size

97KB
MD5

33dbdf79644e702c5aa854b7d7f41c08
SHA1

2b3c89510ea473c66cb3addd732e4e1eefd3e433
SHA256

b5043209e18577b9b630bc54dd8fc3e9cb6056ab7ab0aff629073276c5ab5611
SHA512

ca76e5e8049249f4722d659fb007c968790018f859bf2305d8a9a35cabadf6ff475e0e87a3c669037ebd0b29bb7ce0bbd14697334561bc7cdccff64426b6c89c
SSDEEP

1536:8Trujy/Xd6cerJ9/pKtaRzGEcePXSUQkw3LNTvGw:8HujyfdC7/N1XSFkwpTvGw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33dbdf79644e702c5aa854b7d7f41c08_JaffaCakes118

Files

33dbdf79644e702c5aa854b7d7f41c08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de6487a81fbd23c24ab87d6622aa83e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
GetParent
GetSystemMetrics
CharNextA
TranslateMessage
GetDesktopWindow

gdi32

CreatePen
CreateSolidBrush
PatBlt
SetStretchBltMode
DeleteDC
GetPixel
CreateFontIndirectA
GetClipBox
SaveDC
SelectObject
GetDeviceCaps
GetObjectA
SetTextColor
LineTo
SetTextAlign
RestoreDC
SetMapMode
CreateCompatibleDC
SelectPalette
RectVisible
CreatePalette
DeleteObject
GetTextMetricsA
GetStockObject

kernel32

GlobalFindAtomW
GetModuleHandleA
GetWindowsDirectoryA
GetCurrentProcessId
GetProcessHeap
RemoveDirectoryA
GetThreadLocale
GetCommandLineA
GetTickCount
GetCurrentThreadId
GetCommandLineW
DeleteFileW
GetCurrentThread
GetOEMCP
CopyFileA
MulDiv
GetStartupInfoA
GetVersion
GetUserDefaultLangID
GetConsoleOutputCP
GlobalFindAtomA
GetDriveTypeA
lstrcmpiW
QueryPerformanceCounter
GetCurrentProcess
lstrlenW
lstrlenA
GetACP
lstrcmpiA
GetModuleHandleW
VirtualAlloc
VirtualFree
SetCurrentDirectoryA
IsDebuggerPresent
DeleteFileA

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Kegfkjww
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Araqgi G
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de6487a81fbd23c24ab87d6622aa83e1

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Kegfkjww Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Araqgi G Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 11KB - Virtual size: 11KB

Kegfkjww
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Araqgi G
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 27KB - Virtual size: 27KB