b31175602801d9766e695b5ec5577f2b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b31175602801d9766e695b5ec5577f2b_JaffaCakes118
Size

169KB
MD5

b31175602801d9766e695b5ec5577f2b
SHA1

80eda27e1bf2c84d60d9e16d4e8f4e48d0659b81
SHA256

438f0b87b2b8f3e005ad56897a480df3acded7d3cae5d301c4670589df0d32f8
SHA512

4f3f68ed5ba2b612faa01b09818ce6169a477c5a0f4645d28507d3f38b9bdd4923e91f12e808cf1373e3a2746304b71ab76f5a8b2812be3cb8f0b251b4e84467
SSDEEP

3072:ReGtH0/hHOTq9HduiQ/A16F4nNOwzhsOrUgROcB2g:ReuBTq2iQYa4kwtsOLY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b31175602801d9766e695b5ec5577f2b_JaffaCakes118

Files

b31175602801d9766e695b5ec5577f2b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7f7437915acde3658b8c17c26d7340f3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
LineTo
PatBlt
GetStockObject
SelectObject
DeleteObject
RectVisible
CreateFontIndirectA
GetTextMetricsA
CreatePen
CreateCompatibleDC
SelectPalette
DeleteDC
SetTextAlign
GetPixel
SaveDC
GetObjectA
GetClipBox
SetTextColor
CreateSolidBrush
SetMapMode
SetStretchBltMode
CreatePalette
RestoreDC

user32

GetSystemMetrics
GetDC
TranslateMessage
CharNextA
GetParent
GetDesktopWindow

kernel32

QueryPerformanceCounter
IsDebuggerPresent
RemoveDirectoryA
GetModuleHandleA
lstrcmpiA
GetVersion
GetCurrentThreadId
CopyFileA
GetProcessHeap
GetCurrentProcessId
DeleteFileW
GetDriveTypeA
GlobalFindAtomW
GetOEMCP
GetCurrentProcess
SetCurrentDirectoryA
lstrlenW
lstrlenA
GetModuleHandleW
GetTickCount
MulDiv
lstrcmpiW
GlobalFindAtomA
DeleteFileA
GetCurrentThread
lstrcmpA
GetCommandLineA
GetACP
GetStartupInfoA
GetCommandLineW
GetConsoleOutputCP
GetUserDefaultLangID
GetThreadLocale
VirtualAlloc
GetWindowsDirectoryA
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Oqwjiuno
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Jofnotbh
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f7437915acde3658b8c17c26d7340f3

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Oqwjiuno Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Jofnotbh Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 11KB - Virtual size: 11KB

Oqwjiuno
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Jofnotbh
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 29KB - Virtual size: 28KB