29ffe1195d5c4e4e1443808e17eafe6a_JaffaCakes118

General

Target

29ffe1195d5c4e4e1443808e17eafe6a_JaffaCakes118
Size

113KB
MD5

29ffe1195d5c4e4e1443808e17eafe6a
SHA1

7b89ae8155b5b1f900fcd1196e2b907170437684
SHA256

1955f123882035a5f85b55efbcc5cda6ce199c95ea2ec771b624750ff557dd1d
SHA512

324c0da8c672e7af745653f8149c250a507df3d970b9157e5fe92576cf3d88eef4180c9f374d441fc55a15596aa2f4c7fdb879192cbee384a9532e39757c78d5
SSDEEP

3072:KTtMiRRkGAj+eMEKqWewQFsVNlXdpOu0:6tdb1JpI+ltpb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29ffe1195d5c4e4e1443808e17eafe6a_JaffaCakes118

Files

29ffe1195d5c4e4e1443808e17eafe6a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d70e10b36c42b52f59781d297c605ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
CharNextA
GetSystemMetrics
GetParent
TranslateMessage

kernel32

GetModuleHandleW
GetProcessHeap
GetUserDefaultLangID
RemoveDirectoryA
GlobalFindAtomW
DeleteFileA
QueryPerformanceCounter
lstrcmpA
GetCurrentProcessId
lstrcmpiW
IsDebuggerPresent
GetACP
lstrlenA
GetModuleHandleA
CopyFileA
GetWindowsDirectoryA
GetCurrentThreadId
GetCurrentThread
GetCommandLineW
GlobalFindAtomA
lstrlenW
GetCurrentProcess
lstrcmpiA
GetCommandLineA
VirtualAlloc
GetStartupInfoA
VirtualFree
MulDiv
GetConsoleOutputCP
SetCurrentDirectoryA
DeleteFileW
GetVersion
GetThreadLocale
GetTickCount
GetOEMCP
RemoveDirectoryW

gdi32

CreatePen
PatBlt
SelectObject
SetStretchBltMode
GetObjectA
GetStockObject
RestoreDC
GetPixel
CreateFontIndirectA
DeleteObject
RectVisible
LineTo
SetTextColor
GetDeviceCaps
SetMapMode
SetTextAlign
SelectPalette
GetTextMetricsA
GetClipBox
CreatePalette
DeleteDC
CreateSolidBrush
SaveDC
CreateCompatibleDC
SetPixel

glu32

gluQuadricCallback

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d70e10b36c42b52f59781d297c605ae

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 80KB - Virtual size: 80KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 11KB - Virtual size: 10KB