1a6f4a6c40c3e7798ff8e14cd22b086b_JaffaCakes118

General

Target

1a6f4a6c40c3e7798ff8e14cd22b086b_JaffaCakes118
Size

113KB
MD5

1a6f4a6c40c3e7798ff8e14cd22b086b
SHA1

f51aecbcfee78384e84f54a81fc5f67532b8a4fe
SHA256

bf5200bed4436e3b936122d605e78b80d419d013ad0b72592348fac248a7ed8a
SHA512

b5db945146a112bdd41c6fe25f67d0e1b001bf4a68e9049a71342190b8ad31e253777116aef528969ec5bbb35760c50f2bd7cd16802d00954aacbd3239a43b24
SSDEEP

3072:uWgGsRY+uszFljBtoSP8d4/NqmHUDZR8hGS4W3H4B:j7xkISP8d4gmHkn8hGSF34

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a6f4a6c40c3e7798ff8e14cd22b086b_JaffaCakes118

Files

1a6f4a6c40c3e7798ff8e14cd22b086b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d5eaecc375d93b958d955b8426d01f79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
GlobalFindAtomW
DeleteFileA
GetCurrentThreadId
GetCommandLineA
GetCurrentProcess
GetStartupInfoA
lstrcmpiA
lstrlenW
lstrlenA
GetModuleHandleW
GetModuleHandleA
SetCurrentDirectoryA
RemoveDirectoryW
GetDriveTypeA
GetConsoleOutputCP
MulDiv
lstrcmpiW
GetOEMCP
GetProcessHeap
IsDebuggerPresent
GetUserDefaultLangID
GetVersion
QueryPerformanceCounter
GetCommandLineW
lstrcmpA
GlobalFindAtomA
GetTickCount
CopyFileA
DeleteFileW
RemoveDirectoryA
GetACP
GetCurrentProcessId
VirtualAlloc
VirtualFree
GetThreadLocale
GetCurrentThread

user32

CharNextA
GetParent
GetSystemMetrics
TranslateMessage
GetDesktopWindow

gdi32

GetStockObject
SetTextAlign
RectVisible
RestoreDC
SetPixel
SelectPalette
CreateCompatibleDC
CreateSolidBrush
SetStretchBltMode
GetTextMetricsA
GetObjectA
CreateFontIndirectA
GetPixel
GetDeviceCaps
CreatePen
SetMapMode
SetTextColor
SelectObject
PatBlt
GetClipBox
CreatePalette
DeleteObject
DeleteDC
SaveDC
LineTo

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5eaecc375d93b958d955b8426d01f79

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 80KB - Virtual size: 80KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 12KB - Virtual size: 12KB