a272365e1ab55ef366a15536b2c81748_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a272365e1ab55ef366a15536b2c81748_JaffaCakes118
Size

168KB
MD5

a272365e1ab55ef366a15536b2c81748
SHA1

48423805d20e2fbb301102e476dd85de56df2e65
SHA256

5cbd8d630e926d56e4b833c87a1a08c1a84c81c5d606baa0605fda9956e077c9
SHA512

e2c74969487f4be4df6e26d2c791c97c6404e9897c0e7e9077ef7b3f39bd6c2e2505837e7208cc7ea03564bf3d8591971cfa7fafba11747ed30a1a198e7461ef
SSDEEP

3072:LVP9BRw/sv0HU/w8lBBRwCKsJLZzpjXMWR3GwdUEa80NYSqb:LVVE/KBBRwCKsJLRpAWR2U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a272365e1ab55ef366a15536b2c81748_JaffaCakes118

Files

a272365e1ab55ef366a15536b2c81748_JaffaCakes118
.exe windows:4 windows x86 arch:x86

16b6b3bf803fa230b663286708c3fed2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomA
GetOEMCP
GetCurrentProcess
lstrcmpiW
lstrlenW
GetACP
GetCurrentProcessId
GetProcessHeap
QueryPerformanceCounter
lstrcmpA
GetUserDefaultLangID
GetCommandLineA
GetTickCount
GetCurrentThreadId
GetModuleHandleA
GetWindowsDirectoryA
VirtualAlloc
lstrlenA
lstrcmpiA
MulDiv
VirtualFree
GetVersion
SetCurrentDirectoryA
DeleteFileW
GetCommandLineW
GetDriveTypeA
GetConsoleOutputCP
IsDebuggerPresent
GetCurrentThread
GetModuleHandleW
RemoveDirectoryA
DeleteFileA
GlobalFindAtomW
CopyFileA
GetStartupInfoA
GetThreadLocale

gdi32

PatBlt
RestoreDC
CreateFontIndirectA
GetObjectA
SelectObject
GetPixel
CreateCompatibleDC
CreatePen
SetTextAlign
CreatePalette
GetClipBox
SaveDC
GetTextMetricsA
CreateSolidBrush
DeleteObject
RectVisible
SetStretchBltMode
GetStockObject
LineTo
GetDeviceCaps
SetMapMode
SelectPalette
DeleteDC
SetTextColor

user32

TranslateMessage
GetDC
GetParent
GetSystemMetrics
CharNextA
GetDesktopWindow

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Fnnlj Hn
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Pmatda T
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16b6b3bf803fa230b663286708c3fed2

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Fnnlj Hn Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Pmatda T Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 11KB - Virtual size: 10KB

Fnnlj Hn
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Pmatda T
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 29KB - Virtual size: 28KB