b494fa52588531e643b4350fe63df8b0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b494fa52588531e643b4350fe63df8b0_JaffaCakes118
Size

167KB
MD5

b494fa52588531e643b4350fe63df8b0
SHA1

7005a4319dfbd40c7fe303c2049ace2acaf15ae1
SHA256

fecc777a5cb79c57fc0a37704c92fd24c656e403c44aafa84f36eecd779abf15
SHA512

fbab8a99532536ffee59a58a19702d7b2041bb9a903a07fec477ed7aa082d2c3b64938370267974ea26a83fa522668efa4b3ca2874fe89e744d5d440ee9cb60f
SSDEEP

3072:Qemj7HQhntmpHjKF4gcNOLc/pRSoPdBoQ40/0Fy:IzoVc0ifSGdB5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b494fa52588531e643b4350fe63df8b0_JaffaCakes118

Files

b494fa52588531e643b4350fe63df8b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0b853f84124d57b61b5c00af9153a99

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextColor
SelectObject
GetStockObject
GetObjectA
CreateSolidBrush
DeleteDC
GetDeviceCaps
PatBlt
GetTextMetricsA
DeleteObject
SaveDC
CreatePen
GetPixel
RestoreDC
CreateCompatibleDC
CreatePalette
SelectPalette
RectVisible
CreateFontIndirectA
SetStretchBltMode
SetTextAlign
LineTo
SetMapMode
GetClipBox

user32

GetSystemMetrics
GetParent
CharNextA
GetDesktopWindow
TranslateMessage
GetDC

kernel32

GetStartupInfoA
DeleteFileW
GetUserDefaultLangID
RemoveDirectoryA
GetConsoleOutputCP
IsDebuggerPresent
GetTickCount
MulDiv
GetModuleHandleW
GetCurrentThreadId
GetCurrentProcess
lstrcmpA
CopyFileA
DeleteFileA
GetCurrentThread
lstrlenW
GetACP
GetVersion
GetProcessHeap
GetOEMCP
lstrlenA
GetDriveTypeA
QueryPerformanceCounter
GetCurrentProcessId
GetCommandLineW
GetThreadLocale
SetCurrentDirectoryA
GetWindowsDirectoryA
GlobalFindAtomW
GlobalFindAtomA
lstrcmpiW
GetCommandLineA
lstrcmpiA
GetModuleHandleA
VirtualAlloc
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Idcyrixp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Buhihyvt
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f0b853f84124d57b61b5c00af9153a99

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Idcyrixp Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Buhihyvt Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 29KB - Virtual size: 120KB

.text
Size: 10KB - Virtual size: 10KB

Idcyrixp
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Buhihyvt
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 29KB - Virtual size: 120KB