e1c686afe1b43f4bd5a887a77f548ccb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e1c686afe1b43f4bd5a887a77f548ccb_JaffaCakes118
Size

171KB
MD5

e1c686afe1b43f4bd5a887a77f548ccb
SHA1

3e10c9dd553ebf9ce6f0c72e4f899b8db239575e
SHA256

95ed82526794d64117c9e33d1525535ec4ae9e465730df81bcfdf9b4bfd9dfe6
SHA512

8198d373fe17af86727dd5fab7b475fdc9a291251cd521333c9c5c8ed2b995da04fdb2a48faf99e022fbba07582ca6defb3f7f55be4c617b514ac3c215e584c1
SSDEEP

3072:2GmloLbxnRRAhL1DyoKOnQBP5OcexEzekQd:2dMxnRYL1DyfMQrOcs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1c686afe1b43f4bd5a887a77f548ccb_JaffaCakes118

Files

e1c686afe1b43f4bd5a887a77f548ccb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae34400019250c4263a8812a1723d9b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
GetDC
GetParent
GetSystemMetrics
TranslateMessage
GetDesktopWindow

kernel32

MulDiv
QueryPerformanceCounter
DeleteFileW
GetThreadLocale
GetCurrentProcess
GetCurrentProcessId
GetVersion
CopyFileA
GetCurrentThread
GetACP
GetWindowsDirectoryA
lstrlenA
DeleteFileA
GetDriveTypeA
lstrcmpiW
SetCurrentDirectoryA
GlobalFindAtomW
GetProcessHeap
lstrlenW
lstrcmpiA
GetCommandLineW
GetCurrentThreadId
GetStartupInfoA
lstrcmpA
GetConsoleOutputCP
GetModuleHandleA
GetUserDefaultLangID
IsDebuggerPresent
GetTickCount
GetOEMCP
RemoveDirectoryA
GlobalFindAtomA
GetCommandLineA
GetModuleHandleW
VirtualAlloc
VirtualFree

gdi32

GetObjectA
LineTo
SaveDC
GetDeviceCaps
PatBlt
DeleteObject
SetMapMode
DeleteDC
CreateFontIndirectA
RestoreDC
SetTextAlign
RectVisible
CreateCompatibleDC
SelectPalette
SelectObject
GetPixel
CreatePen
CreatePalette
GetStockObject
GetClipBox
SetStretchBltMode
GetTextMetricsA
SetTextColor
CreateSolidBrush

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Ecmig Km
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Xboekwmo
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae34400019250c4263a8812a1723d9b1

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Ecmig Km Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 26KB

Xboekwmo Size: 512B - Virtual size: 4KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 11KB - Virtual size: 11KB

Ecmig Km
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 26KB

Xboekwmo
Size: 512B - Virtual size: 4KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 31KB - Virtual size: 31KB