ff8b189bb4f0d0f6d261a8338ca23079_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ff8b189bb4f0d0f6d261a8338ca23079_JaffaCakes118
Size

169KB
MD5

ff8b189bb4f0d0f6d261a8338ca23079
SHA1

47b836d688d6c9d1bc5fdc2597eac17e8199ff4a
SHA256

5abec8aff92d0648f997ee5c6c1f0f7fa9309bdc56bd6de1da215c16a7ea1086
SHA512

ae506eb54d8f944f000f2c394cecf31f94fcc4a5704b45b14811ff888bf36d3da1645c0612d53602448305a6f94fde262825fed2dd7f4f82974ebbfbe5f0176b
SSDEEP

3072:+yGZbJOZocLfcoWc0laTdgFNSR/LIeM6nfEFS7neeoZh3E6RFh:uJOF2MS96fEFmej/f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff8b189bb4f0d0f6d261a8338ca23079_JaffaCakes118

Files

ff8b189bb4f0d0f6d261a8338ca23079_JaffaCakes118
.exe windows:5 windows x86 arch:x86

922fbee7c24d60218ddeaccaa1a37eb7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
lstrcmpiA
GetCurrentProcessId
DeleteFileA
IsDebuggerPresent
DeleteFileW
SetCurrentDirectoryA
GetTickCount
MulDiv
RemoveDirectoryA
GetOEMCP
GetDriveTypeA
GetACP
GetCommandLineW
CopyFileA
QueryPerformanceCounter
GetModuleHandleA
GetVersion
lstrlenA
GetModuleHandleW
GetConsoleOutputCP
GetWindowsDirectoryA
GetCurrentThreadId
GetCurrentProcess
GlobalFindAtomA
VirtualAlloc
lstrlenW
lstrcmpA
VirtualFree
GetThreadLocale
GetCommandLineA
GetProcessHeap
GlobalFindAtomW
GetStartupInfoA

gdi32

PatBlt
GetClipBox
GetDeviceCaps
DeleteDC
RestoreDC
SetTextAlign
SelectPalette
CreateCompatibleDC
RectVisible
SetStretchBltMode
LineTo
GetStockObject
DeleteObject
GetObjectA
GetTextMetricsA
CreatePalette
GetPixel
SetMapMode
SaveDC
SelectObject
CreatePen
CreateSolidBrush
CreateFontIndirectA
SetTextColor

user32

CharNextA
GetDesktopWindow
GetSystemMetrics
TranslateMessage
GetParent
GetDC

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Souqimtm
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Kwmxlh P
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

922fbee7c24d60218ddeaccaa1a37eb7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Souqimtm Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Kwmxlh P Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 10KB - Virtual size: 10KB

Souqimtm
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Kwmxlh P
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 31KB - Virtual size: 30KB