1878220969c95b89ca69b93c5ebf31df_JaffaCakes118

General

Target

1878220969c95b89ca69b93c5ebf31df_JaffaCakes118
Size

166KB
MD5

1878220969c95b89ca69b93c5ebf31df
SHA1

e5845ba86b7879974d071405114e1111a80ef6e3
SHA256

ef53b1b1f89e827109b9d069cd5cfd3b06be2460fd487d7ecc892e7b8afe5a37
SHA512

1e9369fb88c84c28444b41b6e034498514eff7de2c2d5f33c84dd5691a9f3663548a190842ed05a9f7e9fa6acba2550021748b5dfbc5d8237d29435ccb0f7505
SSDEEP

3072:LvrQjnbsVcdQD+PtJ0kW43Gkv2q0SVDlnKmih3:DQsVcdQD+VGk3GkvbNFO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1878220969c95b89ca69b93c5ebf31df_JaffaCakes118

Files

1878220969c95b89ca69b93c5ebf31df_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ef655ea3800c8ff9fdce91a862ea7984

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
GetDesktopWindow
GetParent
CharNextA
GetDC
GetSystemMetrics

kernel32

GetCurrentThread
CopyFileA
GlobalFindAtomA
GetCommandLineW
GetProcessHeap
VirtualAlloc
VirtualFree
GetCurrentProcessId
GetACP
lstrcmpA
GlobalFindAtomW
GetVersion
MulDiv
GetTickCount
GetConsoleOutputCP
GetStartupInfoA
QueryPerformanceCounter
GetThreadLocale
lstrcmpiA
RemoveDirectoryA
lstrlenW
lstrcmpiW
GetDriveTypeA
DeleteFileA
DeleteFileW
lstrlenA
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
GetCurrentProcess
GetOEMCP
GetModuleHandleW
SetCurrentDirectoryA

gdi32

DeleteDC
CreatePalette
SaveDC
GetTextMetricsA
CreateSolidBrush
CreateCompatibleDC
GetClipBox
SelectObject
SetMapMode
SetStretchBltMode
RestoreDC
GetPixel
SetTextColor
GetDeviceCaps
PatBlt
GetObjectA
SelectPalette
SetTextAlign
DeleteObject
RectVisible
LineTo
GetStockObject
CreatePen
CreateFontIndirectA

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Alrfr Nq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Ahsno Mg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef655ea3800c8ff9fdce91a862ea7984

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Alrfr Nq Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Ahsno Mg Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 10KB - Virtual size: 10KB

Alrfr Nq
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Ahsno Mg
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 28KB - Virtual size: 28KB