fbbeb81b1343138d029ce5db1b8ccf87_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fbbeb81b1343138d029ce5db1b8ccf87_JaffaCakes118
Size

167KB
MD5

fbbeb81b1343138d029ce5db1b8ccf87
SHA1

0ccfa2acde26e1744e0197a274eaeef1ae053d2f
SHA256

d29b7678080e6cf5cb93dbb05d178743b7e7d4de6bef57b1d779ed34369b401c
SHA512

f8491e858b93049d427c5beb4d9296f8ead7f2a93113b6399963a52ff84233f722da4e92d9f2a52d1bd325027600865466608caa2fb8b0b00398961dc4f6ad55
SSDEEP

3072:j6KH5mTSdEIuGO2G5Rm9Wb/6VSZSThf13k53D1:j6KZsjBm9e/6VdFtU11

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbbeb81b1343138d029ce5db1b8ccf87_JaffaCakes118

Files

fbbeb81b1343138d029ce5db1b8ccf87_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0f604667a0a69784b073cd639dc98c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
GetParent
GetDesktopWindow
GetDC
GetSystemMetrics
TranslateMessage

kernel32

GetCurrentThreadId
GetTickCount
GetProcessHeap
GlobalFindAtomA
lstrcmpiA
MulDiv
GetWindowsDirectoryA
CopyFileA
DeleteFileA
GlobalFindAtomW
GetCurrentProcess
DeleteFileW
GetCurrentThread
GetModuleHandleW
GetCommandLineA
GetVersion
lstrcmpiW
SetCurrentDirectoryA
GetUserDefaultLangID
GetModuleHandleA
GetOEMCP
GetThreadLocale
GetDriveTypeA
GetACP
lstrlenA
GetStartupInfoA
RemoveDirectoryA
IsDebuggerPresent
QueryPerformanceCounter
lstrlenW
GetConsoleOutputCP
lstrcmpA
GetCommandLineW
GetCurrentProcessId
VirtualAlloc
VirtualFree

gdi32

DeleteObject
SetTextAlign
GetStockObject
CreateSolidBrush
GetTextMetricsA
CreatePalette
GetObjectA
SelectObject
SaveDC
RectVisible
SetStretchBltMode
GetDeviceCaps
SelectPalette
GetPixel
CreateCompatibleDC
SetTextColor
PatBlt
GetClipBox
SetMapMode
LineTo
DeleteDC
RestoreDC
CreatePen
CreateFontIndirectA

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Jrbj, Vp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Nould. T
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0f604667a0a69784b073cd639dc98c7

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Jrbj, Vp Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Nould. T Size: 512B - Virtual size: 4KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 11KB - Virtual size: 10KB

Jrbj, Vp
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Nould. T
Size: 512B - Virtual size: 4KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 29KB - Virtual size: 29KB