a365f3d6d4a63021e438c0e2667557ee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a365f3d6d4a63021e438c0e2667557ee_JaffaCakes118
Size

170KB
MD5

a365f3d6d4a63021e438c0e2667557ee
SHA1

4923e33258229780a1948b9960cfabd4d8f5ca89
SHA256

19582ba00045da969adfe100ab0e09e3ba703484f85674e8ff020752387060fd
SHA512

5d0eea0212aa970d8b502850d41897586fb350f42656cae55368b612dee5a8fefbaf76ec82e963c862515a545f856e8a45500bb626038a766c08e1be20d79f38
SSDEEP

3072:wbOGCcNdvF9dS1iwDv1oEqknwcvdLLVN2/o4CsZjEmVBXx9oV/cbWIcWERuAz:wBCcpBOLwclLxN2/oDsZjTV3WVky1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a365f3d6d4a63021e438c0e2667557ee_JaffaCakes118

Files

a365f3d6d4a63021e438c0e2667557ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15888466692450e4f3317bc88b6db327

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
CharNextA
GetDesktopWindow
TranslateMessage
GetSystemMetrics
GetParent

kernel32

IsDebuggerPresent
GetThreadLocale
GetOEMCP
GlobalFindAtomW
GetConsoleOutputCP
GetTickCount
GetDriveTypeA
CopyFileA
GlobalFindAtomA
DeleteFileW
GetCurrentThread
DeleteFileA
GetModuleHandleW
MulDiv
GetStartupInfoA
QueryPerformanceCounter
lstrlenW
GetModuleHandleA
GetUserDefaultLangID
lstrcmpiW
GetCommandLineW
GetProcessHeap
GetACP
GetVersion
lstrcmpiA
GetWindowsDirectoryA
GetCurrentProcessId
RemoveDirectoryA
GetCurrentProcess
lstrcmpA
GetCurrentThreadId
lstrlenA
SetCurrentDirectoryA
GetCommandLineA
VirtualAlloc
VirtualFree

gdi32

SelectPalette
LineTo
SelectObject
SetStretchBltMode
CreateCompatibleDC
CreatePalette
SetTextColor
SetTextAlign
CreateSolidBrush
DeleteDC
GetStockObject
SaveDC
PatBlt
CreatePen
GetDeviceCaps
RestoreDC
DeleteObject
SetMapMode
GetObjectA
GetClipBox
GetPixel
RectVisible
GetTextMetricsA
CreateFontIndirectA

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Yrqvprcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Asjqnjck
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15888466692450e4f3317bc88b6db327

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Yrqvprcs Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Asjqnjck Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 10KB - Virtual size: 10KB

Yrqvprcs
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Asjqnjck
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 31KB - Virtual size: 30KB