14ef3caa9878afd42f8fe233e3b5d96d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14ef3caa9878afd42f8fe233e3b5d96d_JaffaCakes118
Size

169KB
MD5

14ef3caa9878afd42f8fe233e3b5d96d
SHA1

23ec963c61ceba19da00596f3578e8b437465fb5
SHA256

6f9de9838c982a3d6943ccef2236dc75e8520c169278ab5bb864e7b0dda65450
SHA512

308cb8d1690316d3ec5d36a36deba6cd9d00e5db30b10ca65e6dea2632897d76dab5ea1a516064cda1a116d5d31d89e53f27bf2d087a12fa2047fb1c0beb4bbd
SSDEEP

3072:C2/mMP39WJfHZj2FjbvN2LBf+OJuw8FISKXab9Vgi:XztWh1w8mOJufIHaj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14ef3caa9878afd42f8fe233e3b5d96d_JaffaCakes118

Files

14ef3caa9878afd42f8fe233e3b5d96d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9b7c0e79ade8b2430794d8f4b51d1662

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
GlobalFindAtomA
GetACP
GetThreadLocale
GetDriveTypeA
GetCurrentThreadId
GetProcessHeap
lstrlenA
SetCurrentDirectoryA
CopyFileA
GetModuleHandleA
DeleteFileA
GetUserDefaultLangID
MulDiv
lstrlenW
GetCurrentThread
lstrcmpiW
GetVersion
GlobalFindAtomW
DeleteFileW
GetStartupInfoA
IsDebuggerPresent
RemoveDirectoryA
GetConsoleOutputCP
lstrcmpiA
GetModuleHandleW
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
QueryPerformanceCounter
GetWindowsDirectoryA
GetOEMCP
VirtualAlloc
VirtualFree
GetCommandLineW
GetTickCount

gdi32

RectVisible
CreatePalette
SetMapMode
GetPixel
DeleteDC
GetDeviceCaps
RestoreDC
DeleteObject
GetStockObject
CreateFontIndirectA
SetStretchBltMode
CreateSolidBrush
LineTo
PatBlt
SelectObject
SetTextAlign
SetTextColor
GetClipBox
CreateCompatibleDC
SelectPalette
GetTextMetricsA
SaveDC
GetObjectA
CreatePen

user32

CharNextA
GetDC
GetSystemMetrics
GetDesktopWindow
GetParent
TranslateMessage

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Nmeggc S
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Ujahtbsp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b7c0e79ade8b2430794d8f4b51d1662

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Nmeggc S Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Ujahtbsp Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 11KB - Virtual size: 10KB

Nmeggc S
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Ujahtbsp
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 29KB - Virtual size: 29KB