279ed532ded87f2f7996f691310b84cd_JaffaCakes118

General

Target

279ed532ded87f2f7996f691310b84cd_JaffaCakes118
Size

169KB
MD5

279ed532ded87f2f7996f691310b84cd
SHA1

c7dad4434e81673edaaa3db2f5d19d27603c8bdc
SHA256

c2334e81696fd9a555636b31ae4a81f1e6a2f624fb9cac8f489a30083b0cb326
SHA512

c048ac44467e2f04167b4ba3f6a4d0a9cdd281521f82a7b4392dafd13c856f95fa22128b2189cfa3f8b4e86c509f9b721f6f242905391478d9bbaddc017774f7
SSDEEP

3072:JnwU/cN4otuwDzMcyynUWdsR4nKB8Q0Q8KXEopP74lrCdPr:x/QzMcz5yGB5iF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
279ed532ded87f2f7996f691310b84cd_JaffaCakes118

Files

279ed532ded87f2f7996f691310b84cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

957fc47e051dbcb87b3054be86176b71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

PatBlt
SelectObject
DeleteObject
CreateSolidBrush
GetDeviceCaps
GetClipBox
RectVisible
SetTextColor
GetObjectA
GetPixel
RestoreDC
SetStretchBltMode
GetTextMetricsA
CreatePalette
CreateFontIndirectA
SetTextAlign
LineTo
DeleteDC
SetMapMode
SaveDC
SelectPalette
CreatePen
CreateCompatibleDC
GetStockObject

kernel32

MulDiv
lstrlenW
GlobalFindAtomW
GetOEMCP
lstrcmpA
RemoveDirectoryA
QueryPerformanceCounter
GetACP
SetCurrentDirectoryA
CopyFileA
GetConsoleOutputCP
GetCurrentThread
lstrcmpiA
GetCommandLineW
GetUserDefaultLangID
IsDebuggerPresent
GetModuleHandleW
GetTickCount
DeleteFileW
GetWindowsDirectoryA
VirtualAlloc
VirtualFree
DeleteFileA
lstrcmpiW
GetDriveTypeA
GlobalFindAtomA
GetCommandLineA
GetVersion
GetCurrentThreadId
lstrlenA
GetThreadLocale
GetCurrentProcess
GetProcessHeap
GetCurrentProcessId

user32

TranslateMessage
CharNextA
GetDC
GetParent
GetDesktopWindow
GetSystemMetrics

glu32

gluNurbsCallback

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Ywvii Of
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Ckmo, Sa
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

957fc47e051dbcb87b3054be86176b71

Headers

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 12KB - Virtual size: 11KB

Ywvii Of Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Ckmo, Sa Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 101KB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 12KB - Virtual size: 11KB

Ywvii Of
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Ckmo, Sa
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 101KB

.rsrc
Size: 29KB - Virtual size: 28KB