1782fd1fb519e9b7e3763d843d13be7a_JaffaCakes118

General

Target

1782fd1fb519e9b7e3763d843d13be7a_JaffaCakes118
Size

116KB
MD5

1782fd1fb519e9b7e3763d843d13be7a
SHA1

15085db42b98dd8cfaed55cf0b828a895a42c5dc
SHA256

6dccdb033e6804c7cf77b1356684be8addbcf07a0db728834c04f3a91fae1792
SHA512

1a54abe8e5f815bb86e1e6b2ab8b32272fdfeaca13a4848a21dffc2ec2613fd42db3ab7ebe933080239603bff3e239c0cde125501e295af83e177cc91dd54fc4
SSDEEP

3072:A7PL8QTPeQifePSSOTzqD8rnvTm65O/UWOMX:OL8vte6SOnmt//

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1782fd1fb519e9b7e3763d843d13be7a_JaffaCakes118

Files

1782fd1fb519e9b7e3763d843d13be7a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bb2051aa809dd07f7fb2693eeaec17ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

RectVisible
SetStretchBltMode
DeleteObject
CreateCompatibleDC
LineTo
SelectObject
CreateSolidBrush
GetDeviceCaps
SelectPalette
SaveDC
CreatePen
GetStockObject
SetMapMode
GetObjectA
GetPixel
PatBlt
SetTextAlign
GetTextMetricsA
GetClipBox
CreateFontIndirectA
CreatePalette
DeleteDC
SetTextColor
RestoreDC
SetPixel

kernel32

GetConsoleOutputCP
GetCurrentProcessId
DeleteFileA
lstrcmpA
lstrlenW
SetCurrentDirectoryA
QueryPerformanceCounter
GetStartupInfoA
RemoveDirectoryA
GetCommandLineW
GetVersion
GetModuleHandleW
VirtualAlloc
GetProcessHeap
GlobalFindAtomA
VirtualFree
lstrcmpiA
GetUserDefaultLangID
GetCurrentThread
GetACP
lstrlenA
CopyFileA
GetModuleHandleA
GlobalFindAtomW
GetCommandLineA
MulDiv
GetDriveTypeA
GetCurrentProcess
GetWindowsDirectoryA
IsDebuggerPresent
GetCurrentThreadId
GetOEMCP
GetThreadLocale
DeleteFileW
lstrcmpiW
RemoveDirectoryW

user32

CharNextA
GetParent
TranslateMessage
GetSystemMetrics
GetDesktopWindow

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb2051aa809dd07f7fb2693eeaec17ec

Headers

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 80KB - Virtual size: 79KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 80KB - Virtual size: 79KB

.rsrc
Size: 15KB - Virtual size: 14KB