efe909739e8359833cf01a26886f1934_JaffaCakes118

General

Target

efe909739e8359833cf01a26886f1934_JaffaCakes118
Size

114KB
MD5

efe909739e8359833cf01a26886f1934
SHA1

56f4b9cab7aee91a43850530315583b7ec674ef7
SHA256

dc0cb60f8b0087b9609af439635fd75a3b4c1eda8be6e1b56b8b82fd03fe666d
SHA512

0109d6ba6966d78ae1a6413b421b19f266d407dca89df77325f35c042c82991c5fee970e2533b74e02da6a159a22d663e24efeacb0782847192e69d4c941b0d2
SSDEEP

1536:Fm/BWvfahxvWkC3PQQxOu0p6+9AhVVMSBqPpDkXlfoE7EmI8tzm2yC:Fm/BW3ag3PhsuMcVnBokXFzE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efe909739e8359833cf01a26886f1934_JaffaCakes118

Files

efe909739e8359833cf01a26886f1934_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4fd165d04384e570666768ba2b418646

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateCompatibleDC
RestoreDC
RectVisible
SetMapMode
LineTo
PatBlt
DeleteDC
SetTextAlign
SetPixel
SetTextColor
CreateFontIndirectA
DeleteObject
SelectPalette
GetClipBox
GetTextMetricsA
SelectObject
SaveDC
CreatePalette
GetPixel
CreateSolidBrush
GetStockObject
GetObjectA
SetStretchBltMode
GetDeviceCaps
CreatePen

user32

CharNextA
GetDesktopWindow
GetSystemMetrics
TranslateMessage
GetParent

kernel32

GetThreadLocale
GetStartupInfoA
GetCommandLineA
lstrcmpA
DeleteFileA
RemoveDirectoryW
GlobalFindAtomA
SetCurrentDirectoryA
RemoveDirectoryA
DeleteFileW
GetCurrentProcess
GetProcessHeap
GetUserDefaultLangID
GetOEMCP
lstrcmpiA
GlobalFindAtomW
GetConsoleOutputCP
lstrlenW
GetCommandLineW
GetCurrentThread
GetModuleHandleW
GetCurrentProcessId
lstrlenA
GetTickCount
lstrcmpiW
GetCurrentThreadId
GetACP
MulDiv
GetWindowsDirectoryA
CopyFileA
QueryPerformanceCounter
GetModuleHandleA
GetVersion
IsDebuggerPresent
GetDriveTypeA
VirtualAlloc
VirtualFree

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fd165d04384e570666768ba2b418646

Headers

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 13KB - Virtual size: 12KB