15a1f522e2e9a2493f8ef25f1aed0c0b_JaffaCakes118

General

Target

15a1f522e2e9a2493f8ef25f1aed0c0b_JaffaCakes118
Size

115KB
MD5

15a1f522e2e9a2493f8ef25f1aed0c0b
SHA1

f8c26106c8ef602f0e5db809d07f1300e67632a2
SHA256

d370a8648c783456f9231a669750aff1e9b483ac4f28584b058f1eb284038a19
SHA512

0bc80ef55c97a9b958c0493c75f9b1b9b3eb26e4fdae8d0c1c50feb9eadf313b26f3361476299410d9f588ecc14227b7e98af6739d9c938f94950eeb711281ea
SSDEEP

3072:qA9C4Galx/bXRZ4WJIz0+W3R3RiNyDvyf5Hib9dkV0BQ2t:qA9+allRZez0nOyPc5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15a1f522e2e9a2493f8ef25f1aed0c0b_JaffaCakes118

Files

15a1f522e2e9a2493f8ef25f1aed0c0b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a409503412d29fcbcd569421533d1bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextMetricsA
PatBlt
RestoreDC
GetObjectA
GetPixel
LineTo
SetMapMode
GetDeviceCaps
SetTextColor
CreateCompatibleDC
SaveDC
SelectPalette
SetPixel
CreatePalette
DeleteDC
SetStretchBltMode
GetClipBox
SetTextAlign
CreateSolidBrush
GetStockObject
DeleteObject
RectVisible
CreateFontIndirectA
SelectObject
CreatePen

kernel32

DeleteFileW
lstrlenW
GlobalFindAtomA
GetCurrentThreadId
GetCurrentProcessId
GetCommandLineA
RemoveDirectoryA
GetModuleHandleA
MulDiv
GlobalFindAtomW
GetConsoleOutputCP
GetModuleHandleW
GetStartupInfoA
lstrcmpiW
RemoveDirectoryW
GetACP
GetDriveTypeA
DeleteFileA
lstrlenA
lstrcmpA
GetWindowsDirectoryA
lstrcmpiA
GetCommandLineW
GetCurrentProcess
GetProcessHeap
GetUserDefaultLangID
QueryPerformanceCounter
CopyFileA
GetTickCount
GetVersion
GetCurrentThread
GetThreadLocale
GetOEMCP
SetCurrentDirectoryA
IsDebuggerPresent
VirtualAlloc
VirtualFree

user32

GetSystemMetrics
GetParent
CharNextA
GetDesktopWindow
TranslateMessage

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a409503412d29fcbcd569421533d1bb

Headers

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 14KB - Virtual size: 14KB