605eeb8e2d1d9a109b659b1a6247e9a0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

605eeb8e2d1d9a109b659b1a6247e9a0_JaffaCakes118
Size

172KB
MD5

605eeb8e2d1d9a109b659b1a6247e9a0
SHA1

5dfb03642e29636ae8c333367e346c94cf4aa66b
SHA256

5a857eed744b5f8e32b453e4dcce092d804102cfa6874c28ae66da2f271d42aa
SHA512

88aa4bc5fc516874dcbddf78f55ce81f8a1a35d1bf75ca7510c946779b21d9f4d41fad53d2f2308a7d4e7a18faaa648d5093b7c1e8d155f1384f0a4c456544bd
SSDEEP

3072:q9jZZUt3EwT4CxgiKCsuV7cWaT8rGy6PLDx2aNaDi3jh1FE:qrGSC6MV/a9yCL1nTO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
605eeb8e2d1d9a109b659b1a6247e9a0_JaffaCakes118

Files

605eeb8e2d1d9a109b659b1a6247e9a0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b2139e74556dbb15f1a0c6ec2a6ed9b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
lstrcmpiW
GetModuleHandleA
MulDiv
GetOEMCP
GetCurrentThread
GlobalFindAtomW
GetStartupInfoA
DeleteFileW
GetUserDefaultLangID
QueryPerformanceCounter
IsDebuggerPresent
GetProcessHeap
GetThreadLocale
GetWindowsDirectoryA
GetConsoleOutputCP
GetACP
GetDriveTypeA
GetTickCount
GetCurrentThreadId
CopyFileA
DeleteFileA
VirtualAlloc
RemoveDirectoryA
VirtualFree
GlobalFindAtomA
GetCommandLineW
GetCurrentProcess
SetCurrentDirectoryA
GetCommandLineA
GetVersion
lstrcmpiA
lstrcmpA
lstrlenW
GetModuleHandleW
lstrlenA

user32

GetParent
TranslateMessage
CharNextA
GetDesktopWindow
GetDC
GetSystemMetrics

gdi32

SetTextColor
CreateFontIndirectA
DeleteDC
RectVisible
GetPixel
CreatePalette
GetObjectA
GetTextMetricsA
GetStockObject
GetDeviceCaps
CreateCompatibleDC
SelectPalette
SetMapMode
SelectObject
SaveDC
LineTo
CreatePen
PatBlt
DeleteObject
SetTextAlign
GetClipBox
SetStretchBltMode
CreateSolidBrush
RestoreDC

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Vuugh. S
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Xbkcow M
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b2139e74556dbb15f1a0c6ec2a6ed9b9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Vuugh. S Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Xbkcow M Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 101KB

.rsrc Size: 32KB - Virtual size: 52KB

.text
Size: 10KB - Virtual size: 10KB

Vuugh. S
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Xbkcow M
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 101KB

.rsrc
Size: 32KB - Virtual size: 52KB