302d6cf3fa75ef3ba39dc248df113c69_JaffaCakes118

General

Target

302d6cf3fa75ef3ba39dc248df113c69_JaffaCakes118
Size

97KB
MD5

302d6cf3fa75ef3ba39dc248df113c69
SHA1

de3dbeb0dd5b3f47bdaf6e24664623709a63d87b
SHA256

1657d30d7a8422414aff245367630adfef8b431caf0a64db898be4110d848313
SHA512

d32dbcdfa586f01adf49499a49df69dfd6c2999f23c0ab18da035558d87ada2baa885baf13f1b881da8a615753ebd5c8c8ab58b16e8ae92cb80d3dccc30c62c2
SSDEEP

1536:N224FNMTBw4lMK26WCpkbSMNQkI3FUWUCDNZZxX9CL3+xSUNq7DY0jgQ75Z:NrRW3K26twzIVUWUgbZ1S3+xSUo7bH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
302d6cf3fa75ef3ba39dc248df113c69_JaffaCakes118

Files

302d6cf3fa75ef3ba39dc248df113c69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ecba2458413963c25940cb088dda99d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
GetACP
GetCurrentThread
RemoveDirectoryA
GetProcessHeap
GetWindowsDirectoryA
MulDiv
DeleteFileA
DeleteFileW
lstrcmpiA
IsDebuggerPresent
GlobalFindAtomW
GetModuleHandleA
GetStartupInfoA
RemoveDirectoryW
GetOEMCP
GlobalFindAtomA
GetDriveTypeA
GetCurrentThreadId
SetCurrentDirectoryA
CopyFileA
GetUserDefaultLangID
lstrlenW
GetCurrentProcess
GetCommandLineA
ExitProcess
GetVersion
GetThreadLocale
GetModuleHandleW
GetCommandLineW
lstrcmpA
GetConsoleOutputCP
GetTickCount
VirtualAlloc
lstrlenA

user32

CharNextA
GetSystemMetrics
GetDesktopWindow
GetParent
TranslateMessage
GetDC

gdi32

GetStockObject
SetTextColor
SetStretchBltMode
CreateSolidBrush
CreatePalette
CreateCompatibleDC
RectVisible
DeleteObject
GetTextMetricsA
SaveDC
GetDeviceCaps
SelectPalette
GetPixel
RestoreDC
CreateFontIndirectA
PatBlt
CreatePen
GetNearestPaletteIndex
SetMapMode
GetObjectA
SelectObject
GetClipBox
LineTo
SetTextAlign
DeleteDC

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ecba2458413963c25940cb088dda99d2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 63KB - Virtual size: 62KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 63KB - Virtual size: 62KB

.rsrc
Size: 13KB - Virtual size: 13KB