2b3e4402f3ab2db73f484bdc9d9f86ba_JaffaCakes118

General

Target

2b3e4402f3ab2db73f484bdc9d9f86ba_JaffaCakes118
Size

115KB
MD5

2b3e4402f3ab2db73f484bdc9d9f86ba
SHA1

01f88a0a4d2c3dd07cc2ced35fcbf54dd8188442
SHA256

0ce87d657992eb22175073b45a4f0181a159e7f782adc6a5505e4f84e9bee78d
SHA512

425a4d1ab34509593f53aea6ce0655711615cdaa7411763d40ca015604cb4d30a7454b6e3c740fb1ca163f92e270f0cb0cdaaa058c2aff01ef397d6c40c29483
SSDEEP

1536:Oyi0dh5jLfID5X0wHkhNkJEk98Fo8jtvm7HPr1g6GUxMHyppiVJaSK8N:Oy7q5lH7B8OuuPdxMHyTOTp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b3e4402f3ab2db73f484bdc9d9f86ba_JaffaCakes118

Files

2b3e4402f3ab2db73f484bdc9d9f86ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

565a68ae60dd62ff82f93cb6869e8d30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreatePalette
GetDeviceCaps
PatBlt
GetStockObject
GetTextMetricsA
CreatePen
GetPixel
SetStretchBltMode
SetMapMode
CreateFontIndirectA
LineTo
SetTextAlign
GetObjectA
CreateSolidBrush
SetTextColor
SelectPalette
CreateCompatibleDC
RestoreDC
GetClipBox
DeleteDC
DeleteObject
SaveDC
RectVisible
SetPixel
SelectObject

kernel32

GetStartupInfoA
lstrcmpiA
lstrlenW
GlobalFindAtomA
DeleteFileA
lstrlenA
GetWindowsDirectoryA
GetCurrentProcessId
MulDiv
GetTickCount
GetDriveTypeA
IsDebuggerPresent
GetOEMCP
GetCurrentThreadId
GetConsoleOutputCP
GetModuleHandleW
GetCommandLineA
GetVersion
QueryPerformanceCounter
DeleteFileW
GetCurrentProcess
CopyFileA
SetCurrentDirectoryA
GlobalFindAtomW
RemoveDirectoryA
GetCurrentThread
GetProcessHeap
lstrcmpiW
GetModuleHandleA
lstrcmpA
GetThreadLocale
RemoveDirectoryW
GetCommandLineW
GetACP
GetUserDefaultLangID
VirtualAlloc
VirtualFree

user32

GetParent
CharNextA
GetSystemMetrics
TranslateMessage
GetDesktopWindow

glu32

gluQuadricCallback

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

565a68ae60dd62ff82f93cb6869e8d30

Headers

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 15KB - Virtual size: 15KB