73c8a938f1df28e2d193cc6c9f1b40a9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

73c8a938f1df28e2d193cc6c9f1b40a9_JaffaCakes118
Size

169KB
MD5

73c8a938f1df28e2d193cc6c9f1b40a9
SHA1

d3fbd9e8ca72b1ac6cbd2e553c76ea6e7d6728d7
SHA256

d4fa1364e364e6f36d0d8d775fe5f594e1f067d070b32de1a569bf4b7bdc7309
SHA512

a7c6ef5bb581780b42a91da61f444d2e97ddd2f872e5b8b29e4c19f51b88d45f483407fefe4fae20c322a93a67a22005b7c9f7502a7f7012c6131b445525e89c
SSDEEP

3072:DG1viBFz00qXgGwigspT19PmC3h1kPaetzR0qiuyobx3SbtgXJR:DLXz0VwE5JZb3h1k/R0QyoCA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73c8a938f1df28e2d193cc6c9f1b40a9_JaffaCakes118

Files

73c8a938f1df28e2d193cc6c9f1b40a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c32b61a75591e6346ef01c7481ca8301

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
GetConsoleOutputCP
SetCurrentDirectoryA
GetModuleHandleW
GetCommandLineW
GetVersion
DeleteFileA
GetThreadLocale
DeleteFileW
lstrlenW
GlobalFindAtomA
RemoveDirectoryA
GetCommandLineA
GetProcessHeap
lstrcmpA
CopyFileA
lstrcmpiA
GetACP
GetCurrentProcessId
GetWindowsDirectoryA
GetCurrentThreadId
GetOEMCP
GetStartupInfoA
MulDiv
IsDebuggerPresent
GetUserDefaultLangID
VirtualAlloc
GetCurrentProcess
VirtualFree
GlobalFindAtomW
GetModuleHandleA
GetDriveTypeA
lstrcmpiW
lstrlenA

gdi32

GetDeviceCaps
SaveDC
GetTextMetricsA
RectVisible
GetObjectA
GetClipBox
CreatePalette
GetStockObject
DeleteDC
CreateCompatibleDC
CreatePen
CreateSolidBrush
SetTextColor
SetMapMode
CreateFontIndirectA
SelectPalette
GetPixel
DeleteObject
RestoreDC
SelectObject
LineTo
SetStretchBltMode
SetTextAlign
PatBlt

user32

GetSystemMetrics
TranslateMessage
GetDC
GetParent
GetDesktopWindow
CharNextA

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Xdlfxoeq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Wqbiv Up
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c32b61a75591e6346ef01c7481ca8301

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Xdlfxoeq Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Wqbiv Up Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 11KB - Virtual size: 11KB

Xdlfxoeq
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Wqbiv Up
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 28KB - Virtual size: 28KB