e8c4aaf43d57321849526f5a1fdb65c8_JaffaCakes118

General

Target

e8c4aaf43d57321849526f5a1fdb65c8_JaffaCakes118
Size

138KB
MD5

e8c4aaf43d57321849526f5a1fdb65c8
SHA1

ed1f5f39d70e8d16fecc17ae19ccc94f36f53bf5
SHA256

e5aa7fa6409f620916e4b86d6d6f0654d84fab09a38283c05fdab6b0d4271f20
SHA512

9731f89519f31524182978fe2d0acce703a6110cb19e4ecc53a70d00e32e7e4a2752b953578a7cab0289ce1d28d4c7c60d40e6c245ef7638688e5b250af1a2ff
SSDEEP

3072:P7DVwiHb02ceXD5GUSVMU9J72CL7JYdkdQW1+giPlN:Ptwf04N2CLUkf+zPD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8c4aaf43d57321849526f5a1fdb65c8_JaffaCakes118

Files

e8c4aaf43d57321849526f5a1fdb65c8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ded85b277863625c02df6bf6743fe2a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
MulDiv
IsDebuggerPresent
lstrcmpiA
lstrcmpiW
GetModuleHandleW
RemoveDirectoryA
DeleteFileA
lstrlenA
lstrcmpA
GetStartupInfoA
DeleteFileW
GetDriveTypeA
GetWindowsDirectoryA
SetCurrentDirectoryA
GetProcessHeap
GetConsoleOutputCP
GetCommandLineA
GetACP
GetCurrentThreadId
GlobalFindAtomA
GetModuleHandleA
GetThreadLocale
GetOEMCP
CopyFileA
GetUserDefaultLangID
GetVersion
GetTickCount
QueryPerformanceCounter
RemoveDirectoryW
GetCurrentThread
GlobalFindAtomW
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
VirtualAlloc
VirtualFree

user32

CharNextA
GetSystemMetrics
GetDesktopWindow
GetParent
TranslateMessage

gdi32

GetTextMetricsA
CreateFontIndirectA
GetObjectA
RestoreDC
GetClipBox
SetMapMode
SelectObject
CreateCompatibleDC
GetStockObject
GetDeviceCaps
CreatePalette
RectVisible
LineTo
SetTextAlign
DeleteDC
DeleteObject
SetTextColor
CreateSolidBrush
SetStretchBltMode
CreatePen
SelectPalette
SaveDC
GetPixel
SetPixel
PatBlt

glu32

gluQuadricCallback

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ded85b277863625c02df6bf6743fe2a5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 37KB - Virtual size: 40KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 37KB - Virtual size: 40KB