304856c364cc13a677af9fe3ab6d90bc_JaffaCakes118

General

Target

304856c364cc13a677af9fe3ab6d90bc_JaffaCakes118
Size

111KB
MD5

304856c364cc13a677af9fe3ab6d90bc
SHA1

cd2dc78b4129a22ae902fbcf7f27c318d54ab4c0
SHA256

9129042003dcdc736546b286c8bc063d5f16310fda387702bd64d4554745f77e
SHA512

7faa9e5e59a333a7a500a3b3b6a76369b63c7934b6972eea2ea5ec4107cbe1c262ded938d4939096fac622371ff8e69de853f894da274e0ab5c448d554089cc6
SSDEEP

1536:Qm4A9IZSrbB1OnrA1+I6lZTYRT4mBLyRw+w3+aQXdEw7JxlCuqEDbacSj:Qe9jHCnxBYLWRw5apVCuqEej

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
304856c364cc13a677af9fe3ab6d90bc_JaffaCakes118

Files

304856c364cc13a677af9fe3ab6d90bc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

46483fa14348b7a216d3f9725ca5fed3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleOutputCP
GetACP
GetWindowsDirectoryA
GetCommandLineA
SetCurrentDirectoryA
GetVersion
GetUserDefaultLangID
CopyFileA
GetCurrentProcess
GetDriveTypeA
MulDiv
IsDebuggerPresent
lstrcmpiW
lstrlenW
GlobalFindAtomW
GetThreadLocale
GetCurrentProcessId
GetProcessHeap
QueryPerformanceCounter
GetTickCount
GetModuleHandleW
GetStartupInfoA
GetCurrentThread
lstrlenA
GetModuleHandleA
DeleteFileA
GlobalFindAtomA
DeleteFileW
GetOEMCP
RemoveDirectoryA
lstrcmpiA
GetCommandLineW
RemoveDirectoryW
GetCurrentThreadId
VirtualAlloc
VirtualFree

gdi32

SetTextColor
PatBlt
CreatePalette
CreateSolidBrush
SaveDC
GetStockObject
GetObjectA
SelectObject
GetClipBox
CreateFontIndirectA
GetPixel
GetTextMetricsA
CreateCompatibleDC
GetDeviceCaps
RestoreDC
RectVisible
SetMapMode
CreatePen
DeleteObject
LineTo
SelectPalette
SetStretchBltMode
DeleteDC
SetPixel
SetTextAlign

user32

CharNextA
GetDesktopWindow
GetSystemMetrics
TranslateMessage
GetParent

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46483fa14348b7a216d3f9725ca5fed3

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 11KB - Virtual size: 11KB