a54d50eaeecb1c57c047bde5e71642fb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a54d50eaeecb1c57c047bde5e71642fb_JaffaCakes118
Size

169KB
MD5

a54d50eaeecb1c57c047bde5e71642fb
SHA1

b998adf4d56c3d0a200a58aa88eccadca9b9d89f
SHA256

6fb6012133ea2e78b29b2e6ab53453c8289d5c26b38ebb1b201a1d7e0bdf3bb0
SHA512

c17fa3d4bd8078c560d762d7ef5584c3486abf79bd288f84ed234ef0937ffd135c932633b617a8a89185588c2185ef849997cccfd21ed9199199f9112548bd23
SSDEEP

3072:yQsw7qYzD3g7zxX3owQXUKI35asY0dwwT0+uDf:1sOsZo2wsYvb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a54d50eaeecb1c57c047bde5e71642fb_JaffaCakes118

Files

a54d50eaeecb1c57c047bde5e71642fb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

12a5d056fb82a177f46e3e12946bd7e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectPalette
CreateSolidBrush
DeleteDC
GetTextMetricsA
GetDeviceCaps
GetPixel
CreatePen
RectVisible
SetTextAlign
DeleteObject
PatBlt
CreatePalette
GetClipBox
SelectObject
SetStretchBltMode
GetStockObject
SaveDC
GetObjectA
RestoreDC
LineTo
SetTextColor
CreateFontIndirectA
SetMapMode
CreateCompatibleDC

kernel32

GetCurrentThreadId
QueryPerformanceCounter
SetCurrentDirectoryA
GetProcessHeap
DeleteFileA
IsDebuggerPresent
GetCommandLineW
GetWindowsDirectoryA
GetTickCount
RemoveDirectoryA
GlobalFindAtomA
lstrcmpiA
GetACP
GetVersion
GetDriveTypeA
lstrcmpiW
GetCommandLineA
GetCurrentThread
CopyFileA
DeleteFileW
GetStartupInfoA
GetCurrentProcess
lstrlenA
lstrlenW
GlobalFindAtomW
GetThreadLocale
GetCurrentProcessId
lstrcmpA
GetOEMCP
GetModuleHandleW
GetConsoleOutputCP
GetModuleHandleA
GetUserDefaultLangID
VirtualAlloc
VirtualFree

user32

TranslateMessage
GetDesktopWindow
GetParent
CharNextA
GetDC
GetSystemMetrics

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Fwvkv. S
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Wbttjfvg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12a5d056fb82a177f46e3e12946bd7e8

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Fwvkv. S Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Wbttjfvg Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 10KB - Virtual size: 10KB

Fwvkv. S
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Wbttjfvg
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 29KB - Virtual size: 29KB