1ba7f4461d5a7c8b6dcab0f74a8f607f_JaffaCakes118

General

Target

1ba7f4461d5a7c8b6dcab0f74a8f607f_JaffaCakes118
Size

113KB
MD5

1ba7f4461d5a7c8b6dcab0f74a8f607f
SHA1

f21d4619f079c7a29f5e3f4a3d97f35a811fcd5a
SHA256

181df0c7f22a900d6eed5c1ec605625266e20d60ce1a5c7e1a626c01e004e9e7
SHA512

fffee6f2a74fac546d0853a415375651584feb7239208d2accf15b4ea2f9064c5aecbbf4a04e142ff48e89a648fff5311f03ec4be2bc443354c5473383b8b967
SSDEEP

1536:4yylGeyO4jKvFoF6CtrI3qINmlvieMjgLrMxFIHfpbT0u5HhN0m0glB:4PGeyO4kFogv9N5/MLr9/NT0MsW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ba7f4461d5a7c8b6dcab0f74a8f607f_JaffaCakes118

Files

1ba7f4461d5a7c8b6dcab0f74a8f607f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

764d1bd9f777190c434ffd2ffe7d0c04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
IsDebuggerPresent
GetTickCount
GetConsoleOutputCP
GetCommandLineA
CopyFileA
GetDriveTypeA
QueryPerformanceCounter
lstrcmpiW
GetCurrentProcessId
GetStartupInfoA
GetCurrentThread
DeleteFileA
lstrcmpA
VirtualAlloc
lstrlenA
GetThreadLocale
GetCommandLineW
GetUserDefaultLangID
SetCurrentDirectoryA
lstrlenW
VirtualFree
RemoveDirectoryA
DeleteFileW
MulDiv
GetVersion
GetCurrentProcess
GetModuleHandleW
GetACP
GetOEMCP
GetCurrentThreadId
RemoveDirectoryW
lstrcmpiA
GlobalFindAtomW
GetModuleHandleA
GlobalFindAtomA

user32

TranslateMessage
GetDesktopWindow
GetSystemMetrics
CharNextA
GetParent

gdi32

GetTextMetricsA
LineTo
DeleteDC
GetObjectA
CreateFontIndirectA
SaveDC
SelectPalette
GetClipBox
CreatePalette
PatBlt
SelectObject
RectVisible
RestoreDC
DeleteObject
SetMapMode
GetDeviceCaps
GetStockObject
GetPixel
SetTextAlign
CreateCompatibleDC
CreatePen
SetTextColor
SetStretchBltMode
SetPixel
CreateSolidBrush

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

764d1bd9f777190c434ffd2ffe7d0c04

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 78KB - Virtual size: 78KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 78KB - Virtual size: 78KB

.rsrc
Size: 14KB - Virtual size: 13KB