15b06cfa4551234780635a52032ff67e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15b06cfa4551234780635a52032ff67e_JaffaCakes118
Size

83KB
MD5

15b06cfa4551234780635a52032ff67e
SHA1

7c0c17158e62734bd5102accce89167edb795226
SHA256

b317d3318326f853c127f75fa57b07737686845c405e53be2fcfc17aa3bbac56
SHA512

c0147946ac10836bc6c75f6891fb46e3471441e201e0fbb74591a98d444a9271175b7a27ab74200d60331e25a21b7df3a054910d374b4157b43d69001508a3ae
SSDEEP

1536:ziUZqcFcNi+U7AgU/GNZxDOcIz/atg93UofFtfv0z:+InIuLxDOFzSu9ZFVsz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15b06cfa4551234780635a52032ff67e_JaffaCakes118

Files

15b06cfa4551234780635a52032ff67e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5448c44d4b0d9e8c0844fa491e11cf24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetWindowsDirectoryA
GetModuleHandleW
GetOEMCP
lstrlenW
SetCurrentDirectoryA
lstrcmpA
GetCommandLineA
GetCurrentProcessId
RemoveDirectoryA
GlobalFindAtomA
GetCommandLineW
GetConsoleOutputCP
GetCurrentThreadId
GetCurrentThread
MulDiv
GetStartupInfoA
GetThreadLocale
GetACP
DeleteFileW
lstrcmpiW
lstrcmpiA
QueryPerformanceCounter
DeleteFileA
lstrlenA
CopyFileA
GetCurrentProcess
GetProcessHeap
GetModuleHandleA
GetDriveTypeA
GetTickCount
IsDebuggerPresent
GlobalFindAtomW
GetUserDefaultLangID
VirtualAlloc
VirtualFree

gdi32

CreatePalette
SelectObject
RestoreDC
CreatePen
PatBlt
SetStretchBltMode
CreateFontIndirectA
SetTextColor
GetStockObject
SetTextAlign
GetObjectA
SelectPalette
DeleteObject
CreateCompatibleDC
SaveDC
DeleteDC
GetPixel
GetTextMetricsA
GetDeviceCaps
LineTo
RectVisible
SetMapMode
GetClipBox
CreateSolidBrush

user32

CharNextA
GetDesktopWindow
GetDC
TranslateMessage
GetSystemMetrics
GetParent

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Vrlrytor
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Fdxoeb C
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5448c44d4b0d9e8c0844fa491e11cf24

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Vrlrytor Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Fdxoeb C Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 11KB - Virtual size: 11KB

Vrlrytor
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Fdxoeb C
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 28KB - Virtual size: 27KB