a72c33daceb6c14a795062bb4fbedcb1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a72c33daceb6c14a795062bb4fbedcb1_JaffaCakes118
Size

166KB
MD5

a72c33daceb6c14a795062bb4fbedcb1
SHA1

0ab6b7401c06c60e5f1f470084d8f06a7c1bad6f
SHA256

3625f31ab83a605f54aa129040ec99bdf4ca1e1fe2945a837c2b2b2ed272a7b4
SHA512

301f0450406de6f1b4c9b0ee042d5f307ca73923d70da5c2423b63ecc1649924d9e316de31cf8c9772b92a70f2aa8bf83abc11f71af97c294380af1cc4c97a3c
SSDEEP

3072:Z5DRb616ByNUiQ17KaK2vRWCnrzQk7v0wyM5AcW:ZdI+ik7KcvkCrz57sw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a72c33daceb6c14a795062bb4fbedcb1_JaffaCakes118

Files

a72c33daceb6c14a795062bb4fbedcb1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69dba1fd89a0fc1e665060cb33ee7140

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateFontIndirectA
GetDeviceCaps
CreateSolidBrush
CreatePen
LineTo
PatBlt
DeleteObject
DeleteDC
SetTextColor
RectVisible
SelectObject
SetMapMode
GetStockObject
CreateCompatibleDC
GetPixel
GetTextMetricsA
GetObjectA
SetStretchBltMode
GetClipBox
SelectPalette
SaveDC
CreatePalette
SetTextAlign
RestoreDC

kernel32

GetOEMCP
lstrlenA
IsDebuggerPresent
GetThreadLocale
GetCurrentThread
MulDiv
GetACP
GetTickCount
GetVersion
QueryPerformanceCounter
GetCommandLineW
GetCurrentProcessId
GlobalFindAtomA
GetCurrentThreadId
GetProcessHeap
lstrcmpiW
RemoveDirectoryA
GlobalFindAtomW
lstrcmpiA
GetModuleHandleA
GetModuleHandleW
SetCurrentDirectoryA
CopyFileA
GetConsoleOutputCP
lstrlenW
GetCommandLineA
GetUserDefaultLangID
VirtualAlloc
VirtualFree
DeleteFileW
GetWindowsDirectoryA
GetStartupInfoA
GetDriveTypeA
lstrcmpA
GetCurrentProcess
DeleteFileA

user32

GetSystemMetrics
GetDesktopWindow
GetDC
GetParent
CharNextA
TranslateMessage

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Ixpqpdxk
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Bvdyfriq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69dba1fd89a0fc1e665060cb33ee7140

Headers

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 10KB - Virtual size: 9KB

Ixpqpdxk Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Bvdyfriq Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 10KB - Virtual size: 9KB

Ixpqpdxk
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Bvdyfriq
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 28KB - Virtual size: 28KB