957ad9b7dd854b520891cf6a98f91826_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

957ad9b7dd854b520891cf6a98f91826_JaffaCakes118
Size

171KB
MD5

957ad9b7dd854b520891cf6a98f91826
SHA1

b0151359ed7115adb8c67f8d4c6ce1b72ef6f2f2
SHA256

d6819c5c969fd6eca0af44ed9d9771965bfb6b928b06d443a8908f0e21e65d35
SHA512

97fc51bf4151bd94e250a66d40fb5082578969f892dfa8145c3f6577254df9cff91930f94f06c8696377c4806b4247adfdd14741e15c21ec77a4cf00d6bf79a3
SSDEEP

3072:YYtPPhI7mQGq7+IPBBEG83SenAfKTWSHaoGopCGm1/ZRe:QLhBEG8CDfKTWSlky

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
957ad9b7dd854b520891cf6a98f91826_JaffaCakes118

Files

957ad9b7dd854b520891cf6a98f91826_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c3775a4779d0ac86846ab21381a605cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextAlign
DeleteDC
CreatePalette
SelectPalette
CreateCompatibleDC
GetStockObject
CreatePen
SelectObject
PatBlt
CreateFontIndirectA
SetStretchBltMode
LineTo
GetDeviceCaps
CreateSolidBrush
SetMapMode
RestoreDC
SetTextColor
DeleteObject
GetObjectA
GetClipBox
GetPixel
RectVisible
GetTextMetricsA
SaveDC

user32

GetParent
GetDesktopWindow
GetDC
GetSystemMetrics
CharNextA
TranslateMessage

kernel32

GetModuleHandleA
GetStartupInfoA
GetConsoleOutputCP
RemoveDirectoryA
lstrlenW
GetCurrentThread
GetCurrentThreadId
GetVersion
lstrcmpiA
GetWindowsDirectoryA
GetOEMCP
lstrcmpA
GetACP
CopyFileA
GetCommandLineA
DeleteFileA
GetTickCount
GetModuleHandleW
QueryPerformanceCounter
GetCommandLineW
GetUserDefaultLangID
DeleteFileW
GetCurrentProcess
GetProcessHeap
MulDiv
IsDebuggerPresent
SetCurrentDirectoryA
GetDriveTypeA
GetCurrentProcessId
GlobalFindAtomW
GlobalFindAtomA
lstrlenA
lstrcmpiW
GetThreadLocale
VirtualAlloc
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Cla, Rjr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Hcvxmhis
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3775a4779d0ac86846ab21381a605cd

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Cla, Rjr Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Hcvxmhis Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 11KB - Virtual size: 11KB

Cla, Rjr
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Hcvxmhis
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 31KB - Virtual size: 31KB