186b43346313a8a8d698584e2beb99ca_JaffaCakes118

General

Target

186b43346313a8a8d698584e2beb99ca_JaffaCakes118
Size

115KB
MD5

186b43346313a8a8d698584e2beb99ca
SHA1

580a0b90a163c8ec4f26a74d26b43cbb4564fb05
SHA256

7c30b7605f54ed8da7439f89942d3f12e5af4a6f12aae7e5149eb880b7197986
SHA512

bd63f680d666c32357f7d1e1c9e07fbb3e051ec7d3b85df395164f8023133683d044ac4977c1d6cea7ce36724a97df8c0fae069be7c188d0d9c59105e6511d73
SSDEEP

1536:reSLa7qr26Uo2DuMFQMWMxXMMvSCqQlcQBrH1fubSVSGFG2MTATReP6jx+a/Mku:iS+7EsD+ixXMsSCqQl1FG23TRLV+aU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
186b43346313a8a8d698584e2beb99ca_JaffaCakes118

Files

186b43346313a8a8d698584e2beb99ca_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d6159b3a583fd5180adb5804bde60294

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
GetParent
CharNextA
GetDesktopWindow
TranslateMessage

kernel32

GetCurrentProcess
GetThreadLocale
CopyFileA
GetConsoleOutputCP
GetModuleHandleW
lstrcmpiA
IsDebuggerPresent
RemoveDirectoryA
GetVersion
GetWindowsDirectoryA
GetDriveTypeA
QueryPerformanceCounter
lstrlenA
RemoveDirectoryW
GetStartupInfoA
MulDiv
DeleteFileA
DeleteFileW
GetOEMCP
GetUserDefaultLangID
GetProcessHeap
lstrlenW
GetCurrentProcessId
GetModuleHandleA
GetCurrentThreadId
GlobalFindAtomW
GetACP
GlobalFindAtomA
SetCurrentDirectoryA
lstrcmpA
GetTickCount
GetCommandLineW
VirtualAlloc
VirtualFree
GetCommandLineA
lstrcmpiW

gdi32

CreatePalette
CreatePen
GetTextMetricsA
SelectPalette
GetStockObject
GetPixel
SetTextColor
SetMapMode
PatBlt
RectVisible
CreateCompatibleDC
SetPixel
DeleteDC
SetStretchBltMode
CreateSolidBrush
GetClipBox
GetDeviceCaps
LineTo
SaveDC
RestoreDC
SelectObject
GetObjectA
CreateFontIndirectA
SetTextAlign
DeleteObject

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6159b3a583fd5180adb5804bde60294

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 80KB - Virtual size: 79KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 80KB - Virtual size: 79KB

.rsrc
Size: 13KB - Virtual size: 13KB