0b5fbbae7d200d1f158429a408275290_JaffaCakes118

General

Target

0b5fbbae7d200d1f158429a408275290_JaffaCakes118
Size

109KB
MD5

0b5fbbae7d200d1f158429a408275290
SHA1

bd3ce7eb1e8c3bf8a313d5904ec3b209e4dcb7ad
SHA256

c1362f73241c10d1e162f7f1ae743c5c1dd39b19a5313ab8dc49c0af56160c61
SHA512

8cd68ebf01bd8b13187b593ccfc799e0cbbc1081c840453c3f89695256cfa86999ff7e60472ea5b031142f3ceca10bee4a0cd65aa5c82f12dce42edcedc4f73c
SSDEEP

1536:UNVdFxIR6Ul35vDZ6tvBJurApHjwLfNUTkaKd9jKO8M5Xw3VrsykkPM:CV9IR6UlpvEvBJuJ9j4M5Xwty

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b5fbbae7d200d1f158429a408275290_JaffaCakes118

Files

0b5fbbae7d200d1f158429a408275290_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e57c0878803ec023bd92af234ef3b0c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
GetOEMCP
GetVersion
GetACP
lstrlenW
GlobalFindAtomW
GetUserDefaultLangID
RemoveDirectoryA
GetThreadLocale
GetCommandLineA
GetConsoleOutputCP
GetProcessHeap
lstrlenA
GetStartupInfoA
GetCurrentProcess
VirtualAlloc
VirtualFree
SetCurrentDirectoryA
MulDiv
GetTickCount
QueryPerformanceCounter
CopyFileA
GetModuleHandleA
GetCurrentProcessId
GlobalFindAtomA
lstrcmpA
DeleteFileW
GetCommandLineW
DeleteFileA
GetCurrentThreadId
lstrcmpiA
GetCurrentThread
GetWindowsDirectoryA
RemoveDirectoryW
GetDriveTypeA

user32

GetSystemMetrics
CharNextA
TranslateMessage
GetDesktopWindow
GetParent

gdi32

SetStretchBltMode
CreatePalette
CreateSolidBrush
GetPixel
SaveDC
CreateFontIndirectA
RestoreDC
GetObjectA
SetTextAlign
GetStockObject
CreatePen
PatBlt
CreateCompatibleDC
RectVisible
GetDeviceCaps
GetClipBox
SetTextColor
LineTo
SelectObject
GetTextMetricsA
DeleteDC
DeleteObject
SetMapMode
SelectPalette
SetPixel

glu32

gluQuadricCallback

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e57c0878803ec023bd92af234ef3b0c6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 11KB - Virtual size: 10KB