262066e3f3ede49b00dd1446b641886e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

262066e3f3ede49b00dd1446b641886e_JaffaCakes118
Size

169KB
MD5

262066e3f3ede49b00dd1446b641886e
SHA1

c1761337a9bf1de60a187c6793c3e31923cf8222
SHA256

dfe0956bfcc02624b46167376722a70723a68873b19f5c139beceea1c9b57a3b
SHA512

cc31bfa83cac9cb201d4172d5fa1a8e88d32a3c5539f98fb01709ba47419cf74454673850ac1bbdcd5ea939920c20d47ccd9fbf1b8af87a7aa7dff25cfc33e24
SSDEEP

3072:0YUHFnDw1tW9AdUTjqJ17B+eqDkum1q24xVAkZP4EL1+:ol6jdU3u17B+e1um1q24VZg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
262066e3f3ede49b00dd1446b641886e_JaffaCakes118

Files

262066e3f3ede49b00dd1446b641886e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

220a8021288f372365fab254af49d3ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetCommandLineW
GetCurrentThread
QueryPerformanceCounter
GetModuleHandleW
GetDriveTypeA
GetThreadLocale
DeleteFileW
GetTickCount
GlobalFindAtomW
GetCommandLineA
DeleteFileA
lstrcmpiA
RemoveDirectoryA
GetCurrentProcess
GetUserDefaultLangID
GetModuleHandleA
GetWindowsDirectoryA
lstrcmpiW
MulDiv
GetOEMCP
GetVersion
GetConsoleOutputCP
GetCurrentThreadId
VirtualAlloc
SetCurrentDirectoryA
lstrlenW
VirtualFree
GlobalFindAtomA
CopyFileA
GetStartupInfoA
lstrcmpA
GetACP
IsDebuggerPresent
GetProcessHeap
GetCurrentProcessId

gdi32

SetTextColor
CreatePalette
PatBlt
CreatePen
RestoreDC
CreateFontIndirectA
GetPixel
LineTo
GetClipBox
RectVisible
SetStretchBltMode
CreateCompatibleDC
GetDeviceCaps
GetObjectA
SaveDC
DeleteObject
SetMapMode
SelectObject
SelectPalette
GetStockObject
GetTextMetricsA
SetTextAlign
CreateSolidBrush
DeleteDC

user32

GetDC
GetDesktopWindow
CharNextA
TranslateMessage
GetParent
GetSystemMetrics

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Kucknune
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Pogmi, X
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

220a8021288f372365fab254af49d3ae

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Kucknune Size: 512B - Virtual size: 4KB

.rdata Size: 27KB - Virtual size: 26KB

Pogmi, X Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 11KB - Virtual size: 10KB

Kucknune
Size: 512B - Virtual size: 4KB

.rdata
Size: 27KB - Virtual size: 26KB

Pogmi, X
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 28KB - Virtual size: 28KB