fa333fced6bc612d8005f077a6282790_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa333fced6bc612d8005f077a6282790_JaffaCakes118
Size

165KB
MD5

fa333fced6bc612d8005f077a6282790
SHA1

b5bb465e628cc5bb65a7cfc3ded4dcf82d25b8a0
SHA256

963df1125ef95652cc77280223bd30cddb342610bf4aef5ed6afdfc44c1bd33c
SHA512

ae593185e4eabf4b0b567b54516dd0e38f3edf701ab117c9d2f15283d0f3eae2a5aac18bcc94bd0201a126a644946e26d67ec9d25df5b0d5ea71b1566c181d4c
SSDEEP

3072:rz/YR2ZrFR67bEK75h4SG+i49LTKb1GOZ+xLvDnuGWG:r7ZBfYO+B7L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa333fced6bc612d8005f077a6282790_JaffaCakes118

Files

fa333fced6bc612d8005f077a6282790_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e904d326dafa0db15600b91a0eb8dfeb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateCompatibleDC
PatBlt
GetClipBox
SelectPalette
SetTextColor
RestoreDC
GetTextMetricsA
GetDeviceCaps
GetPixel
SetTextAlign
DeleteDC
SetStretchBltMode
SelectObject
DeleteObject
CreatePen
RectVisible
CreateSolidBrush
SetMapMode
SaveDC
LineTo
CreateFontIndirectA
CreatePalette
GetStockObject
GetObjectA

user32

CharNextA
TranslateMessage
GetDC
GetDesktopWindow
GetSystemMetrics
GetParent

kernel32

GetModuleHandleA
GetOEMCP
GetCommandLineA
DeleteFileA
GetProcessHeap
lstrlenA
lstrlenW
MulDiv
RemoveDirectoryA
lstrcmpiW
GetTickCount
SetCurrentDirectoryA
GetCurrentProcessId
GetACP
GetUserDefaultLangID
GlobalFindAtomW
GetCommandLineW
IsDebuggerPresent
GetThreadLocale
GetCurrentProcess
GetCurrentThreadId
GetVersion
CopyFileA
GetModuleHandleW
GetCurrentThread
DeleteFileW
GetConsoleOutputCP
GetDriveTypeA
GlobalFindAtomA
GetStartupInfoA
lstrcmpA
GetWindowsDirectoryA
VirtualAlloc
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Ygbwtiac
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Fxbe Tal
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e904d326dafa0db15600b91a0eb8dfeb

Headers

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 10KB - Virtual size: 9KB

Ygbwtiac Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 26KB

Fxbe Tal Size: 512B - Virtual size: 4KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 27KB - Virtual size: 55KB

.text
Size: 10KB - Virtual size: 9KB

Ygbwtiac
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 26KB

Fxbe Tal
Size: 512B - Virtual size: 4KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 27KB - Virtual size: 55KB