2152855446d0a672238fa18be61fe4bc_JaffaCakes118

General

Target

2152855446d0a672238fa18be61fe4bc_JaffaCakes118
Size

114KB
MD5

2152855446d0a672238fa18be61fe4bc
SHA1

428f8e65ed3b13449fafc5d04a8be4298ece838a
SHA256

16acbd26c3dddf8779b3966620c27864c70ff086831c315b935826e25b7c1587
SHA512

b299dce585c0e21eeb63d03a08163026124036393e4606a3731e177fc541561650d6f375ae23ea311ddfe0d3d875b65d03f2a5bc68acacc34143bd10c3a95f6b
SSDEEP

3072:1OuzdpmfOVIkYzL1/G/T4ZkumMOQP2geF0tb:VWmnbY+l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2152855446d0a672238fa18be61fe4bc_JaffaCakes118

Files

2152855446d0a672238fa18be61fe4bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

12f66c97f6ef3434237219351f7e4221

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
TranslateMessage
CharNextA
GetDesktopWindow
GetParent

kernel32

GetWindowsDirectoryA
CopyFileA
SetCurrentDirectoryA
lstrlenW
lstrcmpiA
GetTickCount
GetOEMCP
QueryPerformanceCounter
VirtualAlloc
GlobalFindAtomW
IsDebuggerPresent
VirtualFree
GetProcessHeap
GetCurrentThread
GetModuleHandleW
lstrcmpA
DeleteFileW
GetCurrentProcessId
GetUserDefaultLangID
GetCommandLineW
DeleteFileA
GetCommandLineA
RemoveDirectoryA
GetModuleHandleA
GetDriveTypeA
GlobalFindAtomA
lstrlenA
GetVersion
GetCurrentProcess
GetStartupInfoA
GetCurrentThreadId
MulDiv
GetConsoleOutputCP
GetACP
RemoveDirectoryW
GetThreadLocale
lstrcmpiW

gdi32

LineTo
SaveDC
GetTextMetricsA
SelectObject
GetObjectA
GetStockObject
CreateCompatibleDC
SelectPalette
RestoreDC
GetDeviceCaps
CreateFontIndirectA
SetStretchBltMode
CreateSolidBrush
CreatePen
GetClipBox
RectVisible
GetPixel
SetMapMode
CreatePalette
SetTextColor
DeleteDC
PatBlt
DeleteObject
SetTextAlign
SetPixel

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12f66c97f6ef3434237219351f7e4221

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 14KB - Virtual size: 13KB