a0cde466abeeb850316b4887f007863d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a0cde466abeeb850316b4887f007863d_JaffaCakes118
Size

166KB
MD5

a0cde466abeeb850316b4887f007863d
SHA1

2113602bb6b83bb75e62ebb3d234e834098182bf
SHA256

a34976443c1a8b12e006351db9e3c792e401a2a2ecf534cea72c1bad798cab67
SHA512

78ff9160a0abb9083f16d92e62e10c446154ffea0f103dfefa9bc23c07716470e287001af75f089b88c0b85ad60347244d936e5eef47e6716f149e62ba193694
SSDEEP

3072:ZgJN4yUyVG37AV9CNNvG1zWvaEb9PiLdPQ85fqbezOFf3Kb8:qJWGG4gNNZvp9PiLdPBYbXhD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0cde466abeeb850316b4887f007863d_JaffaCakes118

Files

a0cde466abeeb850316b4887f007863d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

53fecc3342f10d481a3cafbdf4cf3880

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
CharNextA
GetDC
TranslateMessage
GetSystemMetrics
GetDesktopWindow

kernel32

GetModuleHandleW
GlobalFindAtomA
GetThreadLocale
RemoveDirectoryA
GetOEMCP
lstrlenW
GetCurrentProcess
GetConsoleOutputCP
GetCommandLineW
CopyFileA
GetProcessHeap
GlobalFindAtomW
GetCurrentThread
GetCurrentThreadId
GetVersion
IsDebuggerPresent
MulDiv
DeleteFileW
GetWindowsDirectoryA
GetDriveTypeA
GetTickCount
SetCurrentDirectoryA
DeleteFileA
lstrcmpA
GetUserDefaultLangID
GetACP
GetStartupInfoA
GetModuleHandleA
lstrcmpiW
lstrcmpiA
lstrlenA
QueryPerformanceCounter
VirtualAlloc
VirtualFree

gdi32

GetObjectA
GetPixel
RectVisible
CreateSolidBrush
SelectPalette
RestoreDC
DeleteDC
SetTextAlign
GetClipBox
SetTextColor
DeleteObject
GetDeviceCaps
CreateFontIndirectA
SetMapMode
SetStretchBltMode
SaveDC
CreatePalette
LineTo
SelectObject
GetStockObject
CreatePen
PatBlt
CreateCompatibleDC
GetTextMetricsA

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Kbjwvdys
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Iahk Ajl
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53fecc3342f10d481a3cafbdf4cf3880

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Kbjwvdys Size: 512B - Virtual size: 4KB

.rdata Size: 24KB - Virtual size: 24KB

Iahk Ajl Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 11KB - Virtual size: 11KB

Kbjwvdys
Size: 512B - Virtual size: 4KB

.rdata
Size: 24KB - Virtual size: 24KB

Iahk Ajl
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 28KB - Virtual size: 27KB