daaf8b533dd1cbd62eace4aad2ef212c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

daaf8b533dd1cbd62eace4aad2ef212c_JaffaCakes118
Size

165KB
MD5

daaf8b533dd1cbd62eace4aad2ef212c
SHA1

f821fd2bfc862d239c74704b1e79e938e29343f5
SHA256

0d25db6031199f77329746d97de81cc2efb828a6b4303de8b3610b458198b4af
SHA512

bf909d1ec2f7a2926768f850e694680ba109320272798a804679bf395fc5444ac5a8570ff4beb7094adc536f8b6edf0b386db28c5dbc60d75642c4c3a0f5da71
SSDEEP

3072:1bhRmZj/FtOa1QknCjlYPEU66iHmetstGTKdlvPmw+zntmtT5wEx61qjQHzyX6gy:l4q4QkAOPEQiGT0t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
daaf8b533dd1cbd62eace4aad2ef212c_JaffaCakes118

Files

daaf8b533dd1cbd62eace4aad2ef212c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c3a9335688bf00b6c884442dcebc55fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
GetParent
GetDesktopWindow
TranslateMessage
GetSystemMetrics
CharNextA

kernel32

GetDriveTypeA
MulDiv
DeleteFileA
lstrcmpiW
GetUserDefaultLangID
GetProcessHeap
GetThreadLocale
GlobalFindAtomW
IsDebuggerPresent
lstrcmpA
GetACP
CopyFileA
GetConsoleOutputCP
GetOEMCP
lstrlenW
GetCurrentThread
RemoveDirectoryA
GetTickCount
GetStartupInfoA
QueryPerformanceCounter
GetVersion
GetModuleHandleW
GetCurrentProcess
SetCurrentDirectoryA
GetModuleHandleA
GlobalFindAtomA
GetCurrentProcessId
DeleteFileW
GetWindowsDirectoryA
GetCommandLineA
GetCommandLineW
lstrlenA
VirtualAlloc
lstrcmpiA
VirtualFree

gdi32

SetTextAlign
DeleteObject
CreatePalette
SetStretchBltMode
GetObjectA
GetClipBox
SetTextColor
DeleteDC
RestoreDC
CreatePen
CreateSolidBrush
PatBlt
LineTo
GetDeviceCaps
SetMapMode
GetPixel
GetTextMetricsA
RectVisible
SelectObject
CreateCompatibleDC
CreateFontIndirectA
GetStockObject
SaveDC
SelectPalette

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Niyke. B
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Egguvftt
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3a9335688bf00b6c884442dcebc55fb

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Niyke. B Size: 512B - Virtual size: 4KB

.rdata Size: 24KB - Virtual size: 24KB

Egguvftt Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 11KB - Virtual size: 10KB

Niyke. B
Size: 512B - Virtual size: 4KB

.rdata
Size: 24KB - Virtual size: 24KB

Egguvftt
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 26KB - Virtual size: 26KB