3914beacaaac0a264f77416418973ec7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3914beacaaac0a264f77416418973ec7_JaffaCakes118
Size

165KB
MD5

3914beacaaac0a264f77416418973ec7
SHA1

afa981b3f20da2ac2a936300c5b532971ce69105
SHA256

896021862ee89dc68012f0461d41a63d4d4e36aa8095837f4212926f11d3b69b
SHA512

2a9cb6b8f1d149a8171d3bd20369718c559d07f7f91f2b55514801ce11e7b201a867ee64b5682074875809635fb01846803efe15ce9528386d2fefec88655a32
SSDEEP

3072:5icJ7mMdQxc7k2VWlJRrWeORHP+guh/52xT9:5l3+c+bLEsh/Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3914beacaaac0a264f77416418973ec7_JaffaCakes118

Files

3914beacaaac0a264f77416418973ec7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d6ef986dfc02ac850941672d99e52d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteDC
SetMapMode
DeleteObject
GetStockObject
CreatePen
GetDeviceCaps
RestoreDC
RectVisible
SelectObject
SetStretchBltMode
SetTextColor
GetPixel
CreateFontIndirectA
SaveDC
PatBlt
LineTo
CreatePalette
GetClipBox
CreateCompatibleDC
SetTextAlign
GetObjectA
SelectPalette
GetTextMetricsA
CreateSolidBrush

user32

GetDC
GetSystemMetrics
GetDesktopWindow
CharNextA
GetParent
TranslateMessage

kernel32

GetWindowsDirectoryA
lstrlenW
CopyFileA
GetCurrentProcess
GetCommandLineW
GlobalFindAtomW
lstrcmpiW
MulDiv
QueryPerformanceCounter
GetModuleHandleA
GetTickCount
DeleteFileW
GlobalFindAtomA
GetUserDefaultLangID
lstrcmpiA
GetThreadLocale
SetCurrentDirectoryA
GetCurrentThread
GetCommandLineA
GetOEMCP
GetCurrentProcessId
VirtualAlloc
lstrlenA
GetConsoleOutputCP
GetCurrentThreadId
DeleteFileA
VirtualFree
GetDriveTypeA
GetACP
RemoveDirectoryA
IsDebuggerPresent
lstrcmpA
GetStartupInfoA
GetProcessHeap
GetModuleHandleW
GetVersion

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Utq, Ovi
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Fhwwgmlq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d6ef986dfc02ac850941672d99e52d5

Headers

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Utq, Ovi Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Fhwwgmlq Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 10KB - Virtual size: 10KB

Utq, Ovi
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Fhwwgmlq
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 28KB - Virtual size: 27KB