1b72d11f4fdaa56b604f7421d8cabbb0_JaffaCakes118

General

Target

1b72d11f4fdaa56b604f7421d8cabbb0_JaffaCakes118
Size

117KB
MD5

1b72d11f4fdaa56b604f7421d8cabbb0
SHA1

ef579c9471e84519b7eed153153deae4a6478cac
SHA256

1781357a3ce18d0beab86349232fa1d4d3225d171dc26c395785854c44842a14
SHA512

4844c9f9b2af3b47e832e2c7ecb0951049a20d743eb205c5cb07d611ae23032374b19c3a634be4c173158a996ffbaecc76971468d6ef718944df31804a802238
SSDEEP

1536:TquctTmaUH5pIj9P05NouP3gF3xsYItzFvI7bboyIDm1fD3ByhiSpj/lZae7TsjQ:TkNw5wpmNbY3xdIXEvID2f0hZaGsR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b72d11f4fdaa56b604f7421d8cabbb0_JaffaCakes118

Files

1b72d11f4fdaa56b604f7421d8cabbb0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2974e93f62a0ecec00fa91dcedaae78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetDriveTypeA
GetCommandLineA
GetVersion
MulDiv
GetWindowsDirectoryA
GetModuleHandleA
GetConsoleOutputCP
GetCurrentThread
GetModuleHandleW
GetCommandLineW
QueryPerformanceCounter
GlobalFindAtomW
RemoveDirectoryA
GetCurrentProcess
SetCurrentDirectoryA
IsDebuggerPresent
GetThreadLocale
GetStartupInfoA
lstrlenW
lstrcmpiW
lstrcmpA
lstrcmpiA
GetTickCount
DeleteFileA
CopyFileA
GetCurrentProcessId
lstrlenA
GlobalFindAtomA
GetUserDefaultLangID
GetACP
GetProcessHeap
RemoveDirectoryW
DeleteFileW
GetOEMCP
VirtualAlloc
VirtualFree

user32

CharNextA
TranslateMessage
GetParent
GetDesktopWindow
GetSystemMetrics

gdi32

RestoreDC
LineTo
CreatePen
PatBlt
DeleteObject
GetPixel
SelectObject
CreateFontIndirectA
RectVisible
GetTextMetricsA
SetStretchBltMode
SelectPalette
SetTextAlign
GetClipBox
SaveDC
GetObjectA
GetDeviceCaps
CreateSolidBrush
SetTextColor
CreatePalette
DeleteDC
CreateCompatibleDC
SetMapMode
GetStockObject
SetPixel

glu32

gluQuadricCallback

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2974e93f62a0ecec00fa91dcedaae78

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 15KB - Virtual size: 15KB