26214f7d3cd7873cd746f090d29ebe84_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

26214f7d3cd7873cd746f090d29ebe84_JaffaCakes118
Size

168KB
MD5

26214f7d3cd7873cd746f090d29ebe84
SHA1

cce6eb597b02113c8a45247dfd1e973723ac8388
SHA256

7ecf57dead8353369b70281114fdb4d5d82e0103008e7f0fd991a3bee86282bd
SHA512

56c0f26c49ca281ab676f451305a4dcac1d28b3b3736c6680de2f1c382a0dd5d1618a8453d7cdb809c270dc8b6be87b2fca8881ac7999b50c26815e00f3c2c7e
SSDEEP

3072:CCsbSUdGg59Ko5MwpO6bFsDb2Bf+4p25WGT1/sgjbN6+maAzU7NH:CCsbSmEwTab624p25fKSbNLmaz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26214f7d3cd7873cd746f090d29ebe84_JaffaCakes118

Files

26214f7d3cd7873cd746f090d29ebe84_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3987c605f8b05783ab5af836867b34ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
CharNextA
GetDesktopWindow
GetSystemMetrics
GetDC
GetParent

gdi32

SelectObject
LineTo
SetStretchBltMode
CreateSolidBrush
DeleteDC
GetStockObject
CreateCompatibleDC
SetMapMode
CreateFontIndirectA
GetPixel
GetClipBox
SetTextAlign
GetObjectA
RectVisible
RestoreDC
GetTextMetricsA
GetDeviceCaps
SaveDC
SelectPalette
CreatePalette
PatBlt
CreatePen
SetTextColor
DeleteObject

kernel32

GetProcessHeap
GetModuleHandleA
lstrlenA
GetThreadLocale
GetConsoleOutputCP
IsDebuggerPresent
GetCurrentProcess
lstrcmpiA
GlobalFindAtomA
DeleteFileW
GetTickCount
QueryPerformanceCounter
lstrlenW
GlobalFindAtomW
GetCommandLineW
GetCurrentThreadId
lstrcmpiW
GetCurrentThread
RemoveDirectoryA
SetCurrentDirectoryA
GetOEMCP
lstrcmpA
GetCommandLineA
GetCurrentProcessId
MulDiv
CopyFileA
GetWindowsDirectoryA
GetVersion
GetACP
VirtualAlloc
GetUserDefaultLangID
VirtualFree
GetModuleHandleW
GetDriveTypeA
GetStartupInfoA

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Gcwvwhwr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Rwacmask
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3987c605f8b05783ab5af836867b34ac

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Gcwvwhwr Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Rwacmask Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 101KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 10KB - Virtual size: 10KB

Gcwvwhwr
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Rwacmask
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 101KB

.rsrc
Size: 28KB - Virtual size: 28KB