dc8af51aa216887c3959749634017dfb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dc8af51aa216887c3959749634017dfb_JaffaCakes118
Size

26KB
MD5

dc8af51aa216887c3959749634017dfb
SHA1

51e0eeb2dccfa637d5d9cbf2266c93a0c01066ff
SHA256

168e04549898643293297c9373314e348043298427d0dd2c87351462aecf3003
SHA512

f6c8dc0c2074076aa5b850f1fb888b3af59249f016296e9c0b151b686f75e24a7e107203dbba411b3a74224929da6929eb4a5f92b2a761a2a97b994df95d3002
SSDEEP

384:RcErd6DdoCNEzziHnnyoSPay3lf103o5X9ZCW9xXUnrAKR1EO03K:1r4DUz2Hny3ay3lSCTu70a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc8af51aa216887c3959749634017dfb_JaffaCakes118

Files

dc8af51aa216887c3959749634017dfb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d42f0464f720ce3b349b6a42bb508fca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatW
Process32First
GetNumberOfConsoleFonts
GetCurrentProcessId
VirtualAlloc
CreateSemaphoreA
GetCurrentThreadId
BuildCommDCBAndTimeoutsA
CancelDeviceWakeupRequest
QueryPerformanceCounter
GlobalAlloc
PeekConsoleInputW
GetTickCount
IsBadStringPtrW
SetFileTime
BackupRead
LZStart
GetUserGeoID
CreateWaitableTimerW
CreateFiber
SetConsoleTitleA
GetNumberOfConsoleInputEvents

user32

CreateDesktopW
SetForegroundWindow
HideCaret
ShowWindow
IsGUIThread
TranslateAccelerator
ImpersonateDdeClientWindow
DdeFreeDataHandle
SetClassLongA
SetActiveWindow
UnionRect
DestroyMenu
DrawTextExA

gdi32

CreateDIBPatternBrushPt
EngStrokePath
GdiAlphaBlend
GdiPlayPageEMF
EngMultiByteToUnicodeN
FillRgn
ResetDCW
CreatePolygonRgn
GdiQueryTable
GetPixel
EngLockSurface
SetArcDirection
EngGetCurrentCodePage

pdh

PdhEnumLogSetNamesA
PdhGetLogFileSize
PdhLookupPerfIndexByNameA
PdhVerifySQLDBW
PdhParseInstanceNameA
PdhAddCounterA
PdhGetDefaultPerfObjectHA
PdhEnumObjectItemsHA
PdhEnumObjectsA
PdhIsRealTimeQuery
PdhVbCreateCounterPathList
PdhParseCounterPathA
PdhBrowseCountersHA
PdhRemoveCounter
PdhComputeCounterStatistics

opengl32

glTexParameteri
glRasterPos2dv
glTexCoord2dv
glVertex4i
glListBase
glNormalPointer
glColor3d
wglGetCurrentContext
glPopMatrix
glTexImage2D
glTexCoord3f
glPopAttrib
glTranslated

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 630B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d42f0464f720ce3b349b6a42bb508fca

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

pdh

opengl32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 1024B - Virtual size: 630B

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 1024B - Virtual size: 630B

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB