2ab357facb661c2bc051095b06eab908_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ab357facb661c2bc051095b06eab908_JaffaCakes118
Size

166KB
MD5

2ab357facb661c2bc051095b06eab908
SHA1

b774d58012902201dd1c860ad2e8060dd1a907fa
SHA256

a368c0db36664aea5423ca2daa0555cb305d0b0c401933535a1efd05cd85f6aa
SHA512

91d05b3d044ed0c69ebc5cb24ee930c69a5f6892fc5a62150f0024452d4be0e5ef13678e4307ca6a919d84d477c163f9b9c98188c99e8892b2c8971b055415fe
SSDEEP

3072:2S4WlndATqBpOVetLFX9PQi1pcXuaaw7arIFx9G1i:2S1lnmTUOc3X9PQocXurZsEi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ab357facb661c2bc051095b06eab908_JaffaCakes118

Files

2ab357facb661c2bc051095b06eab908_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c23df94c8172aa7755da13b65570c43f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectObject
PatBlt
GetTextMetricsA
SetTextColor
GetObjectA
RestoreDC
CreatePalette
DeleteObject
GetDeviceCaps
GetStockObject
SetTextAlign
SetMapMode
RectVisible
DeleteDC
CreateSolidBrush
CreateCompatibleDC
LineTo
GetClipBox
GetPixel
CreatePen
SelectPalette
SetStretchBltMode

user32

CharNextA
GetDC
GetParent
TranslateMessage
GetSystemMetrics
GetDesktopWindow

kernel32

SetCurrentDirectoryA
GetOEMCP
GetCommandLineW
GetVersion
DeleteFileW
GetModuleHandleA
GetStartupInfoA
VirtualAlloc
VirtualFree
GetCurrentProcessId
GetUserDefaultLangID
GlobalFindAtomW
GetProcessHeap
MulDiv
CopyFileA
GlobalFindAtomA
IsDebuggerPresent
GetWindowsDirectoryA
GetDriveTypeA
QueryPerformanceCounter
lstrcmpA
GetCurrentProcess
GetConsoleOutputCP
lstrcmpiW
GetCommandLineA
DeleteFileA
lstrcmpiA
GetACP
RemoveDirectoryA
GetModuleHandleW
lstrlenW
lstrlenA
GetTickCount
GetThreadLocale
GetCurrentThread

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Hcaax, Q
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Giucsxik
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c23df94c8172aa7755da13b65570c43f

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Hcaax, Q Size: 512B - Virtual size: 4KB

.rdata Size: 24KB - Virtual size: 24KB

Giucsxik Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 11KB - Virtual size: 10KB

Hcaax, Q
Size: 512B - Virtual size: 4KB

.rdata
Size: 24KB - Virtual size: 24KB

Giucsxik
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 28KB - Virtual size: 27KB