d335db3badc8f4ae44391fd138c468ad_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d335db3badc8f4ae44391fd138c468ad_JaffaCakes118
Size

179KB
MD5

d335db3badc8f4ae44391fd138c468ad
SHA1

f38dc6896a87e0d28dc36db400400c30f56f1c87
SHA256

2f155abbad65cba2f04e4c2804587f4632a3e27aa8633ce9f1415926c534593b
SHA512

5fd91a4550c79c48f656421bb60f3e8c0de16a1c7c48a41def1bf6bac356d1577051a41952edf576246d57c72574ea890015fad9277bc93b93eae6c378c1b2b8
SSDEEP

3072:8FbGZn2D+yPFD4bmbSqjADhpAjLDLGq5BpWOjjTG2xi9G7FzoJHIcKVS:avR92hyjT3oO/TK9OFzo5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d335db3badc8f4ae44391fd138c468ad_JaffaCakes118

Files

d335db3badc8f4ae44391fd138c468ad_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9584bde17eedd89fb5180fa6fc802081

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
TranslateMessage
GetDC
GetParent
DispatchMessageA
GetSystemMetrics
CharNextA
GetDesktopWindow

kernel32

GetVersion
GetACP
lstrcmpA
GlobalFindAtomW
lstrcmpiA
GetConsoleOutputCP
GetProcessHeap
GetWindowsDirectoryA
GetCurrentThread
GetCurrentThreadId
DeleteFileW
MulDiv
DeleteFileA
RemoveDirectoryA
CopyFileA
GetOEMCP
lstrcmpiW
GetCurrentProcess
GlobalFindAtomA
GetDriveTypeA
GetModuleHandleA
GetTickCount
lstrlenA
lstrlenW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
SetCurrentDirectoryA
GetCommandLineW
IsDebuggerPresent
GetStartupInfoA
GetCommandLineA
GetUserDefaultLangID
VirtualAlloc
VirtualFree

gdi32

GetPixel
DeleteObject
CreateSolidBrush
LineTo
SetStretchBltMode
MoveToEx
GetTextMetricsA
CreatePalette
SaveDC
CreateFontIndirectA
GetStockObject
SetTextColor
SetMapMode
CreateCompatibleDC
SetTextAlign
SelectObject
CreatePen
SelectPalette
GetClipBox
SetWindowExtEx
RestoreDC
GetDeviceCaps
PatBlt
DeleteDC
GetObjectA
RectVisible

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Xgokwv Q
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Bokdav Q
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9584bde17eedd89fb5180fa6fc802081

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Xgokwv Q Size: 512B - Virtual size: 4KB

.rdata Size: 24KB - Virtual size: 24KB

Bokdav Q Size: 512B - Virtual size: 4KB

.data Size: 109KB - Virtual size: 108KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 11KB - Virtual size: 11KB

Xgokwv Q
Size: 512B - Virtual size: 4KB

.rdata
Size: 24KB - Virtual size: 24KB

Bokdav Q
Size: 512B - Virtual size: 4KB

.data
Size: 109KB - Virtual size: 108KB

.rsrc
Size: 32KB - Virtual size: 32KB