44b2fcb10a3a322086177cb91b641674_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44b2fcb10a3a322086177cb91b641674_JaffaCakes118
Size

168KB
MD5

44b2fcb10a3a322086177cb91b641674
SHA1

f17a0fc07df6ecf6ffb49788013bcc44d4536527
SHA256

b839e4e8d334f70ee0d845d9f98747b36f7a319236e15864b0798660b32513c0
SHA512

8467612d42c59c9aafd1c6506e49f601f9ca5b532654b779ac43307794f7bade6151aadd5557da5d2c8d168006d5fbae58f3292698758e777d2da12abbb32d49
SSDEEP

3072:mTZ+3f9CoDt79Rm16EHuh8H0ctFdlWDtsrCE:sZ+Dt7a16Kbz/yE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44b2fcb10a3a322086177cb91b641674_JaffaCakes118

Files

44b2fcb10a3a322086177cb91b641674_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e64b733cf075e0ffd6352132af52d76c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextColor
RectVisible
GetObjectA
RestoreDC
CreatePen
SelectPalette
GetDeviceCaps
GetClipBox
SelectObject
DeleteObject
PatBlt
CreateCompatibleDC
DeleteDC
CreateFontIndirectA
SaveDC
GetStockObject
LineTo
GetPixel
SetStretchBltMode
CreateSolidBrush
SetTextAlign
SetMapMode
CreatePalette
GetTextMetricsA

user32

GetParent
CharNextA
GetSystemMetrics
GetDesktopWindow
TranslateMessage
GetDC

kernel32

GetCommandLineA
lstrcmpiW
IsDebuggerPresent
GetModuleHandleW
QueryPerformanceCounter
RemoveDirectoryA
GetModuleHandleA
GetStartupInfoA
lstrcmpA
GetProcessHeap
GetDriveTypeA
GetCurrentProcess
GetCurrentThread
SetCurrentDirectoryA
lstrlenW
GlobalFindAtomW
GetACP
GetWindowsDirectoryA
GetCurrentThreadId
CopyFileA
DeleteFileA
GetTickCount
GetOEMCP
lstrlenA
GetVersion
MulDiv
lstrcmpiA
GetCurrentProcessId
VirtualAlloc
DeleteFileW
VirtualFree
GetConsoleOutputCP
GetThreadLocale
GlobalFindAtomA
GetCommandLineW

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Kihvp Vb
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Qupcw. G
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

eciiaqf
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e64b733cf075e0ffd6352132af52d76c

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Kihvp Vb Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Qupcw. G Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 29KB - Virtual size: 57KB

eciiaqf Size: - Virtual size: 4KB

.text
Size: 11KB - Virtual size: 10KB

Kihvp Vb
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Qupcw. G
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 29KB - Virtual size: 57KB

eciiaqf
Size: - Virtual size: 4KB