939ed21f44468779e2b3b9c41f53115a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

939ed21f44468779e2b3b9c41f53115a_JaffaCakes118
Size

169KB
MD5

939ed21f44468779e2b3b9c41f53115a
SHA1

bdd619174e5e733e1a170ff2049989ecb3d56d5a
SHA256

a3c66babeea82b1ad1898436b800ca6d92b26fea0039b55618ab28f781d4caa0
SHA512

d8e6345fbe146cda97082d993918c7b481ec812f0b41afd0f8a71ccc99df8bf3bb0b4bd9eda771f2a93da0ef8f1a4ff45695a244fac48388bc90130139258c7f
SSDEEP

3072:1dGm1qjnVoAQE3IiupCt8X5qUF4uBLFe0S:qmWqQ8JqUvBpS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
939ed21f44468779e2b3b9c41f53115a_JaffaCakes118

Files

939ed21f44468779e2b3b9c41f53115a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9583c04cab1fa26108b3e69d0004778a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
GetParent
TranslateMessage
GetDC
GetSystemMetrics
GetDesktopWindow

gdi32

SaveDC
GetDeviceCaps
PatBlt
GetClipBox
DeleteObject
SetTextAlign
CreateFontIndirectA
DeleteDC
CreateCompatibleDC
LineTo
GetStockObject
GetPixel
GetObjectA
GetTextMetricsA
RestoreDC
CreatePen
CreateSolidBrush
SelectObject
RectVisible
SetMapMode
SetTextColor
SetStretchBltMode
CreatePalette
SelectPalette

kernel32

DeleteFileA
SetCurrentDirectoryA
lstrcmpiW
GetCurrentThread
GetStartupInfoA
RemoveDirectoryA
GetUserDefaultLangID
CopyFileA
DeleteFileW
GetVersion
GetConsoleOutputCP
lstrcmpiA
GetModuleHandleW
GetTickCount
MulDiv
GetCurrentThreadId
lstrlenW
GetModuleHandleA
GetThreadLocale
GetCommandLineA
GetWindowsDirectoryA
IsDebuggerPresent
GetCurrentProcessId
GetOEMCP
GetCurrentProcess
GetDriveTypeA
GlobalFindAtomA
lstrcmpA
GetACP
QueryPerformanceCounter
GetProcessHeap
GlobalFindAtomW
lstrlenA
VirtualAlloc
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Omvxkrhc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Rdvsihsf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9583c04cab1fa26108b3e69d0004778a

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Omvxkrhc Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Rdvsihsf Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 101KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 11KB - Virtual size: 11KB

Omvxkrhc
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Rdvsihsf
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 101KB

.rsrc
Size: 28KB - Virtual size: 28KB