0ba636239dc516980453b2931e007edb_JaffaCakes118

General

Target

0ba636239dc516980453b2931e007edb_JaffaCakes118
Size

196KB
MD5

0ba636239dc516980453b2931e007edb
SHA1

970b8e9563c150c9332bbb4bb5f61b127a80e131
SHA256

b4e03c36c3d3e1349c870ac85e196c6d984372d7e0bdc9a3bb288f915fc016e7
SHA512

a66b8d5c821245bdc310d05cef869ce5ad08e1943e48702024a94d3cc0ae004582806473d514e683c36a14520f3a2ffc33b6ef30f10a95c824399aeb82c52a22
SSDEEP

3072:B2KTXt3dkNny3fUvhmQFyB6rI0DeST8LTp6oMxsuSq8inFDwGidm1Hapw/vCjcfw:cBUsuBM98LTkPuuP7FEmH4wSwuOM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ba636239dc516980453b2931e007edb_JaffaCakes118

Files

0ba636239dc516980453b2931e007edb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3d7fbe5e023b5fbfccb130db3727caa1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
FreeLibrary
FindClose
FindResourceW
GetUserDefaultLCID
GetCurrentThreadId
TlsAlloc
RaiseException
DeleteCriticalSection
GlobalMemoryStatus
GetTickCount
GlobalFree
LeaveCriticalSection
SetUnhandledExceptionFilter
lstrlenW
WriteFile
GetFileTime
HeapAlloc
TlsGetValue
GetExitCodeThread
GetSystemInfo
GetStdHandle
GetConsoleMode
GetModuleFileNameW
LocalFree
GetCurrentProcess
CopyFileA
lstrcmpiW
ExitProcess
WideCharToMultiByte
Sleep
LoadLibraryW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
RemoveDirectoryW
GetLastError
GetModuleHandleW
GetLocalTime
InterlockedDecrement
RtlUnwind
GetStartupInfoA
HeapCreate
FreeEnvironmentStringsA
VirtualQuery
GlobalLock
GetLocaleInfoA
VirtualAlloc

msvcrt

wcschr
_wcsicmp
memset
_exit
wcsstr

user32

SetFocus
CopyRect
SetWindowRgn
PtInRect
GetMenu
LoadMenuW
SetRect
CheckMenuItem
EndDialog
SendMessageA
GetSystemMetrics
IsDialogMessageA
GetSystemMenu
CreateWindowExA
ShowWindow
DefWindowProcW
EnableWindow
DrawFocusRect
GetKeyState

gdi32

StretchDIBits
CreateFontIndirectW
SetBkMode
LineTo
StretchBlt
CreateCompatibleBitmap
SetStretchBltMode

opengl32

glRotatef

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d7fbe5e023b5fbfccb130db3727caa1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

opengl32

Sections

.text Size: 123KB - Virtual size: 122KB

.rdata Size: 65KB - Virtual size: 64KB

.data Size: 4KB - Virtual size: 140KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 123KB - Virtual size: 122KB

.rdata
Size: 65KB - Virtual size: 64KB

.data
Size: 4KB - Virtual size: 140KB

.rsrc
Size: 3KB - Virtual size: 2KB