f08341820943398b4ab87bcc638bed88_JaffaCakes118

General

Target

f08341820943398b4ab87bcc638bed88_JaffaCakes118
Size

556KB
MD5

f08341820943398b4ab87bcc638bed88
SHA1

42f542e6d6f98d8cb30e4cf8ea0a508d5ede6876
SHA256

415118eeebdbf079ad427acaf565b9ee79c65a8c4a6f9d5a66817cd65bdf4225
SHA512

3136716e22dbcfba4e4d742875ed69e8e88d4ae545b2a9e0678ca1dc79b312b7d11dd5aab0e6df2ca8ccee0251a31691c7f49ffd69771275970df753c7d6b55d
SSDEEP

12288:KYcxQh45QT/eKrpxUDIgyLqOclCyeWAJIrxmwgF/aobxa0sGH2e6WeuWe:KYcxQh4Y/F9xbTLqeyrxkwobxu+2e6W5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f08341820943398b4ab87bcc638bed88_JaffaCakes118

Files

f08341820943398b4ab87bcc638bed88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

08590a166c75833fccfa7f737bebae96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

glu32

gluTessProperty
gluBeginTrim
gluBeginCurve
gluDeleteNurbsRenderer
gluNewQuadric
gluErrorString
gluPerspective
gluErrorUnicodeStringEXT
gluNurbsCallback
gluOrtho2D
gluLoadSamplingMatrices
gluTessCallback
gluGetString

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

usp10

ScriptJustify
ScriptBreak
ScriptStringCPtoX

odbc32

ord4

Sections

.text
Size: 509KB - Virtual size: 509KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08590a166c75833fccfa7f737bebae96

Headers

File Characteristics

Imports

glu32

kernel32

usp10

odbc32

Sections

.text Size: 509KB - Virtual size: 509KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 305KB

.rsrc Size: 41KB - Virtual size: 41KB

.text
Size: 509KB - Virtual size: 509KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 305KB

.rsrc
Size: 41KB - Virtual size: 41KB