3933ec487fdc32e698a12af9b4d3b798_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3933ec487fdc32e698a12af9b4d3b798_JaffaCakes118
Size

167KB
MD5

3933ec487fdc32e698a12af9b4d3b798
SHA1

da202c5bea1da9150572f3f5fd4cfff7a86422b5
SHA256

18043fa138233206df86040fd3227d0f5678db7dc9993825714d75a58af6c4ea
SHA512

ecae6cfb707bbdccff6c50e85c892872930e898f6504f7ed16776692fb87cdd6b653281699393e165007d3b7e551802779f9011225860cbf27244a60f30e6dfa
SSDEEP

3072:Mjf8DJFBshuN98P7M1t6BHGxf/qDuc+dpvJPM9cx:MjZg+7y6BYf/qDulvb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3933ec487fdc32e698a12af9b4d3b798_JaffaCakes118

Files

3933ec487fdc32e698a12af9b4d3b798_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c257ee92be78c3926c0640fd47b73d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextMetricsA
SelectPalette
PatBlt
DeleteObject
SelectObject
SetStretchBltMode
CreatePen
GetObjectA
RectVisible
GetStockObject
CreateFontIndirectA
SaveDC
CreateCompatibleDC
DeleteDC
GetDeviceCaps
GetPixel
LineTo
RestoreDC
SetMapMode
GetClipBox
SetTextAlign
CreateSolidBrush
CreatePalette
SetTextColor

kernel32

MulDiv
GetUserDefaultLangID
lstrcmpiW
GetWindowsDirectoryA
SetCurrentDirectoryA
CopyFileA
QueryPerformanceCounter
DeleteFileA
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
lstrcmpiA
GetModuleHandleA
GetDriveTypeA
GetProcessHeap
GlobalFindAtomW
lstrcmpA
RemoveDirectoryA
GetThreadLocale
GetACP
IsDebuggerPresent
GlobalFindAtomA
GetCommandLineW
GetConsoleOutputCP
GetCurrentThread
GetOEMCP
lstrlenA
GetVersion
GetCommandLineA
GetCurrentProcessId
DeleteFileW
GetStartupInfoA
lstrlenW
GetTickCount
VirtualAlloc
VirtualFree

user32

TranslateMessage
GetParent
GetDesktopWindow
GetDC
CharNextA
GetSystemMetrics

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Aewmk Mk
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Toemfywf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c257ee92be78c3926c0640fd47b73d9

Headers

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Aewmk Mk Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Toemfywf Size: 512B - Virtual size: 4KB

.data Size: 102KB - Virtual size: 101KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 11KB - Virtual size: 11KB

Aewmk Mk
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Toemfywf
Size: 512B - Virtual size: 4KB

.data
Size: 102KB - Virtual size: 101KB

.rsrc
Size: 26KB - Virtual size: 26KB