83b98f8b923a2441e2551f7911b54857_JaffaCakes118

General

Target

83b98f8b923a2441e2551f7911b54857_JaffaCakes118
Size

169KB
MD5

83b98f8b923a2441e2551f7911b54857
SHA1

87bff75b6a3858958d31ba85fc441a0fb485a55f
SHA256

1c3ecadd00e27d1432cb45647cc60f6b4ba267d8398f4a30cebe08bff21f8f52
SHA512

5bd906820235f00128209e11a0076996cf7892639869cce016107661801bef3ebe1f2f0e6e3e9c89670711ebd10c561726875a184fa72ea082e20f4a2486de75
SSDEEP

3072:SBeb0Vu1ilArs/6j1HRZgP5yfRfLmqUt5NtvAJTMQqwnbC3eIzC:Slu1iKI/6jNgP5ypjmqUTjvHZ4A5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83b98f8b923a2441e2551f7911b54857_JaffaCakes118

Files

83b98f8b923a2441e2551f7911b54857_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86068a476f221cff699beb7716f438e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
TranslateMessage
GetDesktopWindow
GetDC
CharNextA
GetSystemMetrics

kernel32

GetVersion
DeleteFileW
QueryPerformanceCounter
lstrlenW
lstrcmpiW
DeleteFileA
lstrcmpiA
RemoveDirectoryA
GetDriveTypeA
GlobalFindAtomW
GetUserDefaultLangID
GetThreadLocale
GetCurrentProcessId
GetCommandLineW
GetProcessHeap
GetCurrentThread
lstrcmpA
GlobalFindAtomA
GetModuleHandleW
GetACP
GetCommandLineA
IsDebuggerPresent
VirtualAlloc
GetConsoleOutputCP
VirtualFree
GetOEMCP
GetTickCount
GetModuleHandleA
GetStartupInfoA
SetCurrentDirectoryA
lstrlenA
GetCurrentThreadId
GetCurrentProcess
MulDiv
CopyFileA

gdi32

SelectPalette
GetTextMetricsA
SetMapMode
SaveDC
RestoreDC
SetTextAlign
CreateSolidBrush
GetPixel
PatBlt
CreatePen
SelectObject
CreateCompatibleDC
GetStockObject
RectVisible
GetDeviceCaps
CreatePalette
DeleteDC
CreateFontIndirectA
SetTextColor
LineTo
GetClipBox
DeleteObject
SetStretchBltMode
GetObjectA

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Snjdrhto
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Gyyvk Ll
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86068a476f221cff699beb7716f438e5

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Snjdrhto Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Gyyvk Ll Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 11KB - Virtual size: 11KB

Snjdrhto
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Gyyvk Ll
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 29KB - Virtual size: 29KB