b150dbccdb9ef579e85210c3308fdca9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b150dbccdb9ef579e85210c3308fdca9_JaffaCakes118
Size

167KB
MD5

b150dbccdb9ef579e85210c3308fdca9
SHA1

764538a543e186dda7255e50ec2a82c6bb514ed4
SHA256

cf40ea25a1e84c534b91e9db505a51550128cfe2baa81219a125ab36ed00dbdb
SHA512

86becde3e6a9f902886ffa977125c3deee31bad31db22a1df5e15d021717e5f560d8deec6d2de450a083ac1217aec66a9423ec54ac07c95a3355d0c94f4d306c
SSDEEP

3072:VMc4GKUGUyTPNk/7Kc1fIE+4881+oDbZWb9O6MdW:FPalu7MEV8M+AoyW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b150dbccdb9ef579e85210c3308fdca9_JaffaCakes118

Files

b150dbccdb9ef579e85210c3308fdca9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b7fd23e673617f3076a87499b5f2a1fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

PatBlt
SelectPalette
RestoreDC
GetClipBox
CreateCompatibleDC
CreatePen
GetStockObject
SetMapMode
GetDeviceCaps
SelectObject
GetObjectA
GetTextMetricsA
DeleteDC
GetPixel
RectVisible
CreatePalette
SetStretchBltMode
CreateSolidBrush
CreateFontIndirectA
SaveDC
LineTo
SetTextColor
DeleteObject
SetTextAlign

kernel32

GetCommandLineA
GetThreadLocale
GetStartupInfoA
VirtualAlloc
MulDiv
QueryPerformanceCounter
GetUserDefaultLangID
GetOEMCP
GetCurrentProcess
GetCurrentThread
lstrcmpA
VirtualFree
IsDebuggerPresent
GetModuleHandleA
GetConsoleOutputCP
CopyFileA
SetCurrentDirectoryA
GetDriveTypeA
GetVersion
GetACP
GetTickCount
GlobalFindAtomW
GetProcessHeap
lstrcmpiW
GetModuleHandleW
lstrcmpiA
lstrlenA
GlobalFindAtomA
GetCurrentThreadId
GetWindowsDirectoryA
DeleteFileW
RemoveDirectoryA
GetCommandLineW
DeleteFileA
lstrlenW
GetCurrentProcessId

user32

GetSystemMetrics
TranslateMessage
CharNextA
GetDesktopWindow
GetDC
GetParent

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Qxlrekvv
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Krqy Ofj
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7fd23e673617f3076a87499b5f2a1fa

Headers

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Qxlrekvv Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Krqy Ofj Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 10KB - Virtual size: 10KB

Qxlrekvv
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Krqy Ofj
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 28KB - Virtual size: 28KB