f08b71e04eccb6384f4e3a4d2be4f9cc_JaffaCakes118

General

Target

f08b71e04eccb6384f4e3a4d2be4f9cc_JaffaCakes118
Size

113KB
MD5

f08b71e04eccb6384f4e3a4d2be4f9cc
SHA1

6882efb0151c46b6682e348fe34c778f33a6aa1b
SHA256

e602d97efcb54b3235b6aaa338b2fd5a0d25dbf7a4934ffc3e7e605bcd6396a6
SHA512

f593e8ff4c105807a86de3cdd857e7101404ad0a8f3a2e457a640c6c380aadb87461b53c2f800b52d6b5b1fec55a5e2c46ed37419b33914749eceefea4c5e8eb
SSDEEP

1536:czq4Q5uC0HVZxpDgOsuuHYg9napUvK94mYgiO0Cg73Hz2tu8HTLyIg:cOpY6uHg5+UvK6mYgiO1gjHirPzg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f08b71e04eccb6384f4e3a4d2be4f9cc_JaffaCakes118

Files

f08b71e04eccb6384f4e3a4d2be4f9cc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9c0c362bc3d3707ec840aa517e6e1a4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GetOEMCP
lstrcmpiA
GetACP
GlobalFindAtomW
GetTickCount
GetCurrentProcess
IsDebuggerPresent
CopyFileA
GetCurrentThreadId
GetProcessHeap
GetCurrentProcessId
GetWindowsDirectoryA
GetCommandLineA
DeleteFileW
QueryPerformanceCounter
lstrlenW
MulDiv
lstrcmpiW
GetCurrentThread
RemoveDirectoryW
GetStartupInfoA
GlobalFindAtomA
lstrcmpA
GetThreadLocale
GetUserDefaultLangID
GetVersion
GetConsoleOutputCP
RemoveDirectoryA
lstrlenA
DeleteFileA
SetCurrentDirectoryA
GetCommandLineW
GetModuleHandleA
GetModuleHandleW
VirtualAlloc
VirtualFree

user32

GetParent
CharNextA
TranslateMessage
GetSystemMetrics
GetDesktopWindow

gdi32

GetObjectA
SelectObject
CreateSolidBrush
RectVisible
GetTextMetricsA
PatBlt
CreatePen
GetClipBox
CreateCompatibleDC
DeleteDC
SetPixel
SelectPalette
CreateFontIndirectA
GetPixel
SaveDC
SetTextColor
DeleteObject
RestoreDC
CreatePalette
LineTo
GetStockObject
SetStretchBltMode
SetTextAlign
SetMapMode
GetDeviceCaps

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c0c362bc3d3707ec840aa517e6e1a4e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 12KB - Virtual size: 12KB