a8a275936a7941766a4f78abb948f90a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a8a275936a7941766a4f78abb948f90a_JaffaCakes118
Size

168KB
MD5

a8a275936a7941766a4f78abb948f90a
SHA1

f3919bc9c8d77a37ba77d758a91e53ebde3250c8
SHA256

2dc96561effb34d03b6c62ac87e3132f2366202140e2491f8e6c64ef7553b152
SHA512

33fd363bd04ef0ca554711ea1361cc1eb128040f483d10203587f049cdf288f7ea99d00174718a911c17edc4489a1d0cfd20722910f6eb199227d7bb4a5642e8
SSDEEP

3072:xFbZtVmhvii1i+JiwCWTy97COrFMd8hCsa+YALjHDGIrx:nCvdJ+97ps+YtALj9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8a275936a7941766a4f78abb948f90a_JaffaCakes118

Files

a8a275936a7941766a4f78abb948f90a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

268d8db2cc58dbbc64a3cefa21e0c881

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
CharNextA
GetParent
GetDesktopWindow
GetSystemMetrics
TranslateMessage

kernel32

GetProcessHeap
GetCurrentThreadId
GetWindowsDirectoryA
lstrcmpA
CopyFileA
GetCurrentProcess
lstrlenW
GetUserDefaultLangID
lstrlenA
RemoveDirectoryA
DeleteFileW
GetDriveTypeA
GetCommandLineW
lstrcmpiW
GetOEMCP
GetACP
GlobalFindAtomW
MulDiv
GetStartupInfoA
GetCommandLineA
GetVersion
GlobalFindAtomA
GetConsoleOutputCP
DeleteFileA
SetCurrentDirectoryA
GetModuleHandleW
lstrcmpiA
QueryPerformanceCounter
GetCurrentThread
GetThreadLocale
IsDebuggerPresent
GetModuleHandleA
VirtualAlloc
VirtualFree

gdi32

SelectObject
GetTextMetricsA
CreateSolidBrush
GetStockObject
GetClipBox
SetTextColor
CreateCompatibleDC
LineTo
RestoreDC
SetMapMode
DeleteDC
GetPixel
CreatePen
GetObjectA
SetTextAlign
RectVisible
GetDeviceCaps
SaveDC
SetStretchBltMode
DeleteObject
PatBlt
SelectPalette
CreateFontIndirectA
CreatePalette

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Eqeor, T
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Hvmgb, R
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

268d8db2cc58dbbc64a3cefa21e0c881

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Eqeor, T Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Hvmgb, R Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 10KB - Virtual size: 10KB

Eqeor, T
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Hvmgb, R
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 29KB - Virtual size: 29KB