3ed6ba892efcc8d52e482fd01cbfa6fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ed6ba892efcc8d52e482fd01cbfa6fd_JaffaCakes118
Size

167KB
MD5

3ed6ba892efcc8d52e482fd01cbfa6fd
SHA1

3e127f780ef5b667393d7f4d50462146536e679a
SHA256

9672c928f9d0bb312d279f47b166365127eabbef0b007c42c2c06f7000de538c
SHA512

1d14a52761da9eb6791496dfda180a9a129f33721fc2d0c0814065bdb81bffdc3328d6d0e98e13fd3a85f1828f4465419e57e19b120e81369efce0055655e7aa
SSDEEP

3072:JIjpIVkiMRwOqKj4eJGc5aa6sSssIPqo5gVSkLYRM2FoI:u6pgXceJ2IPqo2VSkLYRB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ed6ba892efcc8d52e482fd01cbfa6fd_JaffaCakes118

Files

3ed6ba892efcc8d52e482fd01cbfa6fd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bd58a1a3d60adb5d06082569fce1378f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
QueryPerformanceCounter
GetVersion
IsDebuggerPresent
GetCommandLineW
RemoveDirectoryA
GetModuleHandleA
GetCurrentThread
MulDiv
GetModuleHandleW
lstrcmpA
GetStartupInfoA
GetTickCount
GetConsoleOutputCP
SetCurrentDirectoryA
GetThreadLocale
GlobalFindAtomW
lstrcmpiW
GetCurrentProcessId
lstrlenW
GetDriveTypeA
GetOEMCP
GlobalFindAtomA
DeleteFileW
GetUserDefaultLangID
lstrlenA
GetWindowsDirectoryA
CopyFileA
GetCurrentProcess
GetACP
DeleteFileA
GetProcessHeap
lstrcmpiA
VirtualAlloc
VirtualFree

gdi32

GetDeviceCaps
SaveDC
DeleteDC
CreateFontIndirectA
CreateSolidBrush
GetObjectA
SetStretchBltMode
DeleteObject
SelectPalette
SetTextColor
GetPixel
CreatePalette
GetClipBox
CreatePen
GetTextMetricsA
SetMapMode
LineTo
GetStockObject
SetTextAlign
PatBlt
CreateCompatibleDC
RestoreDC
SelectObject
RectVisible

user32

TranslateMessage
GetDesktopWindow
CharNextA
GetSystemMetrics
GetDC
GetParent

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Gfdnen U
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Pdrhk. P
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd58a1a3d60adb5d06082569fce1378f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Gfdnen U Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Pdrhk. P Size: 512B - Virtual size: 4KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 10KB - Virtual size: 10KB

Gfdnen U
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Pdrhk. P
Size: 512B - Virtual size: 4KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 29KB - Virtual size: 29KB