379a7f44212ed4856c3fdeff114f873b_JaffaCakes118

General

Target

379a7f44212ed4856c3fdeff114f873b_JaffaCakes118
Size

97KB
MD5

379a7f44212ed4856c3fdeff114f873b
SHA1

6bedc8a4d4e510eade10d75822768cdc81da1aa4
SHA256

975733ff22eaee173916b0e078b626ef1abab84c4cbc34cfd310e5b469a3694a
SHA512

a6db0318aa8811041e7ce968091f86c625ddc366e754e3a3b0e7f24b29861251bfc3ec935fd6332b8b136e62173aa37e2dde840048a44c022c0c51c8221e2a7b
SSDEEP

1536:h2+lDB3xt8xqVmMErid6Wl2xdMfBcxyldv1XEPnb0UZJ7dBp6qhdPCKcTAR7Gkx:c+b8kaGAdMfnv1XEj0U/7F6k9zcTKiO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
379a7f44212ed4856c3fdeff114f873b_JaffaCakes118

Files

379a7f44212ed4856c3fdeff114f873b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ffeba8885257c8a013556b6975f3f08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
GetParent
CharNextA
GetDesktopWindow
GetSystemMetrics
TranslateMessage

kernel32

GetCommandLineA
DeleteFileA
GetUserDefaultLangID
GetDriveTypeA
GetCurrentProcessId
GetWindowsDirectoryA
GetThreadLocale
GetCurrentThread
GetModuleHandleW
lstrcmpiA
MulDiv
IsDebuggerPresent
GetTickCount
lstrlenA
lstrcmpiW
GetACP
GetProcessHeap
DeleteFileW
lstrlenW
GetStartupInfoA
SetCurrentDirectoryA
GlobalFindAtomW
QueryPerformanceCounter
VirtualAlloc
GetCurrentProcess
RemoveDirectoryA
CopyFileA
GlobalFindAtomA
GetModuleHandleA
GetCommandLineW
GetConsoleOutputCP
GetOEMCP
lstrcmpA
GetCurrentThreadId
RemoveDirectoryW
GetVersion
ExitProcess

gdi32

LineTo
SetTextColor
SetTextAlign
SelectPalette
CreateSolidBrush
GetClipBox
GetPixel
CreateCompatibleDC
GetTextMetricsA
DeleteObject
RectVisible
SetStretchBltMode
CreatePen
GetDeviceCaps
GetStockObject
SaveDC
PatBlt
SetMapMode
GetObjectA
CreateFontIndirectA
DeleteDC
CreatePalette
SelectObject
RestoreDC
GetNearestPaletteIndex

glu32

gluQuadricCallback

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ffeba8885257c8a013556b6975f3f08

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 22KB - Virtual size: 21KB

.data Size: 60KB - Virtual size: 60KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 22KB - Virtual size: 21KB

.data
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 13KB - Virtual size: 13KB