276eb7e3187a9d8fe11e46a4c0e44a5b_JaffaCakes118

General

Target

276eb7e3187a9d8fe11e46a4c0e44a5b_JaffaCakes118
Size

102KB
MD5

276eb7e3187a9d8fe11e46a4c0e44a5b
SHA1

ba4850a65d71459e7939db5e589f2f84cd0d71b1
SHA256

e22e8c355fa982a6e699343514784aea187c0bd65c4573ea1296cb0857da5502
SHA512

1671ab322b2373af1cdd8a7027ffa2c84d9a1862efa6d345eefb5107d2b17de137ee8b15035536afb064f5905c7b211523a36dba8167d4b3746f8588ff34e2cc
SSDEEP

1536:rBJlf3dHN0XlKxs+3OOQfCAwNC9dLK2goltJ0zEsKSPJLuqjd886p/zGQp8XUQ:l9BfQfsILzgoh0zqWjurkX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
276eb7e3187a9d8fe11e46a4c0e44a5b_JaffaCakes118

Files

276eb7e3187a9d8fe11e46a4c0e44a5b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

62fa160d8ad8dc8b40dba2a739bd4312

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
GetSystemMetrics
CharNextA
GetParent
GetDesktopWindow
GetDC

kernel32

lstrlenW
GetVersion
SetCurrentDirectoryA
IsDebuggerPresent
GetWindowsDirectoryA
GetOEMCP
GetCurrentProcessId
GetModuleHandleW
GlobalFindAtomA
lstrcmpiW
GetCurrentThreadId
DeleteFileA
GetTickCount
GetProcessHeap
GetCommandLineW
GetCommandLineA
QueryPerformanceCounter
GetStartupInfoA
GetUserDefaultLangID
GetCurrentProcess
lstrcmpiA
GetThreadLocale
RemoveDirectoryA
GetConsoleOutputCP
lstrcmpA
GetModuleHandleA
GetACP
CopyFileA
GlobalFindAtomW
lstrlenA
GetCurrentThread
GetDriveTypeA
RemoveDirectoryW
ExitProcess
DeleteFileW
VirtualAlloc
VirtualFree

gdi32

SetStretchBltMode
GetObjectA
DeleteObject
CreateFontIndirectA
SelectPalette
GetTextMetricsA
SetTextColor
SelectObject
RectVisible
GetClipBox
LineTo
PatBlt
RestoreDC
GetStockObject
SetMapMode
SetTextAlign
CreateCompatibleDC
CreatePalette
GetPixel
CreatePen
SaveDC
GetDeviceCaps
DeleteDC
CreateSolidBrush
GetNearestPaletteIndex

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62fa160d8ad8dc8b40dba2a739bd4312

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 68KB - Virtual size: 67KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 68KB - Virtual size: 67KB

.rsrc
Size: 12KB - Virtual size: 12KB