6fde2a37017e39bd2a30ed6c65a68267_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6fde2a37017e39bd2a30ed6c65a68267_JaffaCakes118
Size

170KB
MD5

6fde2a37017e39bd2a30ed6c65a68267
SHA1

25b3dfc073bf70dd5c54fadf1b01ad267f4cd7fb
SHA256

195293cd25421c08f32ca49cae7b3d8398e1ae2bd3e75a4a0787c9ccfa59fecd
SHA512

7a0aa17e73643f61186fdf69060c77450a842f5da559c7cf25e7dd7e1a6e09aeb72328b6c52591eb320c307a5e3f8dba90919e77c561c87cf8c8a40d23f79309
SSDEEP

3072:tM/+Xy0edkqb6WSpmfle+nGN7PCR/1O5sQYBpQj:tFX27OQfbGNTa15Qd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fde2a37017e39bd2a30ed6c65a68267_JaffaCakes118

Files

6fde2a37017e39bd2a30ed6c65a68267_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fac54c3129049398303a0e12e424354e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
GetDesktopWindow
GetParent
CharNextA
GetSystemMetrics
TranslateMessage

gdi32

GetClipBox
CreateCompatibleDC
GetTextMetricsA
SetMapMode
RestoreDC
PatBlt
CreateSolidBrush
GetDeviceCaps
RectVisible
GetPixel
SelectObject
SelectPalette
SetTextColor
SetStretchBltMode
DeleteDC
GetStockObject
CreateFontIndirectA
CreatePen
SaveDC
DeleteObject
SetTextAlign
CreatePalette
LineTo
GetObjectA

kernel32

GetCurrentProcess
GetCurrentThread
MulDiv
QueryPerformanceCounter
RemoveDirectoryA
GetModuleHandleA
GetCurrentThreadId
GetUserDefaultLangID
DeleteFileA
lstrlenA
GetCurrentProcessId
GetConsoleOutputCP
GetDriveTypeA
lstrcmpiA
GlobalFindAtomA
GetStartupInfoA
GetModuleHandleW
IsDebuggerPresent
GetThreadLocale
lstrcmpA
DeleteFileW
lstrlenW
CopyFileA
GetOEMCP
GetWindowsDirectoryA
lstrcmpiW
GetCommandLineW
GetACP
GetVersion
SetCurrentDirectoryA
GetTickCount
GetProcessHeap
GetCommandLineA
GlobalFindAtomW
VirtualAlloc
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Wbdpr Hm
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Rebeardo
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fac54c3129049398303a0e12e424354e

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Wbdpr Hm Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Rebeardo Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 30KB - Virtual size: 29KB

.text
Size: 11KB - Virtual size: 11KB

Wbdpr Hm
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Rebeardo
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 30KB - Virtual size: 29KB