0b7bfc530ac65278966f52af2d483c9a_JaffaCakes118

General

Target

0b7bfc530ac65278966f52af2d483c9a_JaffaCakes118
Size

105KB
MD5

0b7bfc530ac65278966f52af2d483c9a
SHA1

854e09e0e28e374b6d4cb757cef76b060dcf30f6
SHA256

1a51e77f49da3cb39341f5005b33fe4aea509e1dc4b153693c34d8f1056d545c
SHA512

eb5f583aa3bfcde0a7274aa2b34593126871620a864622a6f38b0d57af4447784d935a22aa8a92aca55988ba5d6e7046c20888b4b4e8872529e4d44372db271e
SSDEEP

3072:1X07lTw97oAV2hXnZ/CPyX+gHNZxPA0JU2Qv0LmE:xcAV2VZ/CPYNZxPvC2A0L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b7bfc530ac65278966f52af2d483c9a_JaffaCakes118

Files

0b7bfc530ac65278966f52af2d483c9a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

344a334d98eb12b9cf9ab750d3450d87

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
RemoveDirectoryA
GlobalFindAtomW
GetThreadLocale
GetWindowsDirectoryA
lstrcmpA
GetModuleHandleA
QueryPerformanceCounter
GetModuleHandleW
GetCommandLineW
GetUserDefaultLangID
lstrlenA
GetConsoleOutputCP
VirtualAlloc
DeleteFileW
GetCurrentProcessId
MulDiv
GetCurrentThreadId
GetDriveTypeA
GetACP
VirtualFree
GetCurrentThread
lstrcmpiW
GetTickCount
SetCurrentDirectoryA
GetVersion
lstrcmpiA
DeleteFileA
GetOEMCP
RemoveDirectoryW
GetCommandLineA
GetStartupInfoA
CopyFileA
GlobalFindAtomA
GetCurrentProcess
lstrlenW
ExitProcess
GetProcessHeap

gdi32

CreateFontIndirectA
CreatePalette
SetTextAlign
RestoreDC
GetClipBox
PatBlt
GetTextMetricsA
GetObjectA
CreateSolidBrush
SetStretchBltMode
SetMapMode
GetStockObject
GetDeviceCaps
LineTo
CreateCompatibleDC
SaveDC
CreatePen
DeleteObject
RectVisible
DeleteDC
GetNearestPaletteIndex
SelectObject
SetTextColor
SelectPalette
GetPixel

user32

GetSystemMetrics
TranslateMessage
GetDC
CharNextA
GetParent
GetDesktopWindow

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

344a334d98eb12b9cf9ab750d3450d87

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 71KB - Virtual size: 71KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 71KB - Virtual size: 71KB

.rsrc
Size: 13KB - Virtual size: 12KB