6461a8adb24d2e6f32a3776f3c0bda17_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6461a8adb24d2e6f32a3776f3c0bda17_JaffaCakes118
Size

168KB
MD5

6461a8adb24d2e6f32a3776f3c0bda17
SHA1

672e29938fe8f555308c219a769e1d633c01cf9d
SHA256

ba54abaf4fc8998dbe56d434383380e533c6b0a0b09da01fa00c487878d2e50c
SHA512

4482091a96bbffba4f1891da6702ee11ff4f0d0bc60433d551b2a3395f028be168d2d047ba7817a110badbfed7f6d1899aa72d01f7d6ca7696d4971f0bfc7a10
SSDEEP

3072:jWZXDFZM0x5gRf91aiWqZJz66852dMm9Dt/9yrSTlF:jW5GRV1aeZbO2dMmj4w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6461a8adb24d2e6f32a3776f3c0bda17_JaffaCakes118

Files

6461a8adb24d2e6f32a3776f3c0bda17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9fa3e613eb88ed06633227744c3fb46a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreatePen
RestoreDC
CreateSolidBrush
GetTextMetricsA
SetTextColor
DeleteObject
SaveDC
SelectPalette
GetStockObject
RectVisible
LineTo
SetStretchBltMode
GetObjectA
PatBlt
DeleteDC
GetPixel
CreateCompatibleDC
SetTextAlign
SetMapMode
CreatePalette
SelectObject
GetDeviceCaps
CreateFontIndirectA
GetClipBox

user32

GetDC
GetDesktopWindow
TranslateMessage
GetParent
GetSystemMetrics
CharNextA

kernel32

GlobalFindAtomA
GetTickCount
DeleteFileA
lstrlenW
GetCommandLineW
GetCurrentThreadId
MulDiv
lstrlenA
GetCurrentThread
GetVersion
GetDriveTypeA
GetStartupInfoA
lstrcmpA
RemoveDirectoryA
GetACP
DeleteFileW
GetCommandLineA
GetModuleHandleW
GetUserDefaultLangID
GetWindowsDirectoryA
CopyFileA
GetProcessHeap
VirtualAlloc
VirtualFree
IsDebuggerPresent
SetCurrentDirectoryA
GlobalFindAtomW
GetCurrentProcess
GetThreadLocale
lstrcmpiW
GetModuleHandleA
GetConsoleOutputCP
lstrcmpiA
QueryPerformanceCounter

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Gxobp Hd
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Phtbbbkr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9fa3e613eb88ed06633227744c3fb46a

Headers

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Gxobp Hd Size: 512B - Virtual size: 4KB

.rdata Size: 27KB - Virtual size: 26KB

Phtbbbkr Size: 512B - Virtual size: 4KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 29KB - Virtual size: 140KB

.text
Size: 10KB - Virtual size: 10KB

Gxobp Hd
Size: 512B - Virtual size: 4KB

.rdata
Size: 27KB - Virtual size: 26KB

Phtbbbkr
Size: 512B - Virtual size: 4KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 29KB - Virtual size: 140KB