b623777f50226a2c9dd10084ee1d89b6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b623777f50226a2c9dd10084ee1d89b6_JaffaCakes118
Size

166KB
MD5

b623777f50226a2c9dd10084ee1d89b6
SHA1

359f60bee636106d13c16706d4949dc7c4db5f04
SHA256

1c55fc16127bf853752e76786e7b18d65c7f58933094d23208db75a12ea5b419
SHA512

225d06343d5981c28770d18df0da195c4139202286a9ebf796615b7f124ac95b7524c216c4a7f47fa618d4c934f1118a099149c26f1ea161cb0c648f236d2356
SSDEEP

3072:rTVgUhW5/103/eiC8YhIPoScyfNzaUt7Wo1DDZua3CPKdo:fyUYYGiVYrScy1zamCoBDZEK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b623777f50226a2c9dd10084ee1d89b6_JaffaCakes118

Files

b623777f50226a2c9dd10084ee1d89b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

85c19fcfa5d3bf377f0f69281a1865e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleOutputCP
MulDiv
GetProcessHeap
GetCurrentThread
GetVersion
GetCurrentProcess
DeleteFileA
GetModuleHandleA
GlobalFindAtomW
RemoveDirectoryA
GetWindowsDirectoryA
GetCurrentProcessId
GetOEMCP
DeleteFileW
GetModuleHandleW
lstrlenA
lstrcmpiW
GetCommandLineW
GetTickCount
SetCurrentDirectoryA
lstrcmpiA
GetCurrentThreadId
lstrlenW
VirtualAlloc
VirtualFree
GetStartupInfoA
GlobalFindAtomA
GetDriveTypeA
GetThreadLocale
GetACP
QueryPerformanceCounter
GetUserDefaultLangID

user32

GetSystemMetrics
CharNextA
GetDesktopWindow
TranslateMessage
GetParent
GetDC

gdi32

GetPixel
CreatePen
CreateFontIndirectA
LineTo
SetTextColor
SetStretchBltMode
CreatePalette
GetDeviceCaps
GetTextMetricsA
SaveDC
GetClipBox
CreateSolidBrush
SelectPalette
RectVisible
CreateCompatibleDC
SetTextAlign
RestoreDC
DeleteDC
SetMapMode
DeleteObject
GetObjectA
PatBlt
GetStockObject
SelectObject

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Agdrugap
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sndbt. D
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85c19fcfa5d3bf377f0f69281a1865e3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Agdrugap Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Sndbt. D Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 10KB - Virtual size: 10KB

Agdrugap
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Sndbt. D
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 29KB - Virtual size: 28KB