45e097fae1bfd51a12b86adf1b06376d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45e097fae1bfd51a12b86adf1b06376d_JaffaCakes118
Size

166KB
MD5

45e097fae1bfd51a12b86adf1b06376d
SHA1

f5e44266cfaa678c10b2182291a5a5c0cb126a32
SHA256

a52b779b1b6daf4bf7686a188c23367a117fd048b8ddc4cfc0a7f2165b92a16f
SHA512

7c32b65bf671153cbdd82e3fb5ec3ad71e1940d46907881e8ad90f65496a64839ff3affe2fa6c45152b5746e9ff97f81460865ef2ddd56dd139d10e645c2fb99
SSDEEP

3072:5SqZaOiHO8dZWQO4iYMM506+XO6kZd3sZZNLFjCJ0I:5SPFdZPOyHc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45e097fae1bfd51a12b86adf1b06376d_JaffaCakes118

Files

45e097fae1bfd51a12b86adf1b06376d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

45755bd2363ff844d57ddb7da8396cdc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
CharNextA
GetSystemMetrics
TranslateMessage
GetParent
GetDesktopWindow

kernel32

GetModuleHandleW
DeleteFileW
GetTickCount
GlobalFindAtomW
GetCurrentThread
lstrcmpiA
GetThreadLocale
GetACP
GetStartupInfoA
GetCommandLineA
GetCurrentProcess
SetCurrentDirectoryA
lstrlenA
CopyFileA
GetOEMCP
GetVersion
GetCurrentThreadId
VirtualAlloc
RemoveDirectoryA
VirtualFree
IsDebuggerPresent
lstrcmpA
GlobalFindAtomA
lstrcmpiW
DeleteFileA
GetUserDefaultLangID
MulDiv
GetCommandLineW
QueryPerformanceCounter
GetProcessHeap
GetConsoleOutputCP
lstrlenW
GetModuleHandleA
GetDriveTypeA
GetWindowsDirectoryA

gdi32

RestoreDC
RectVisible
PatBlt
SetTextAlign
CreatePen
DeleteObject
GetStockObject
GetDeviceCaps
SetTextColor
SelectPalette
GetObjectA
SetMapMode
CreatePalette
SaveDC
SetStretchBltMode
CreateFontIndirectA
LineTo
SelectObject
CreateSolidBrush
GetClipBox
CreateCompatibleDC
GetPixel
GetTextMetricsA
DeleteDC

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Pkkvw Tt
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Idcmggly
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45755bd2363ff844d57ddb7da8396cdc

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Pkkvw Tt Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Idcmggly Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 10KB - Virtual size: 10KB

Pkkvw Tt
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Idcmggly
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 28KB - Virtual size: 28KB