3b7525d57fe5351db726b9982505b618_JaffaCakes118

General

Target

3b7525d57fe5351db726b9982505b618_JaffaCakes118
Size

99KB
MD5

3b7525d57fe5351db726b9982505b618
SHA1

bdea5d7ca8db1349b652c1b71d278ed7864c4f50
SHA256

c0b3e4a03645d5501203231c9e55e237163377901ca984be4f39e73c0f4166f1
SHA512

c2ffae5c6eda64fcf3fcb19666b6ab2a5959419ee339f77bdede6a41dc964f5ee9d7140a4484af5ce2d3c0aaad8951edf62dbbaaee05bcb60c0670e8719e5f4d
SSDEEP

3072:Vx5g/JEVMxKN4IxcBwPiOaGXxmD4U2PMmWl:DKeDX3PiO9mcxPMj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b7525d57fe5351db726b9982505b618_JaffaCakes118

Files

3b7525d57fe5351db726b9982505b618_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aaa59183fc48a37760de8d9447716cd7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
GetSystemMetrics
CharNextA
GetDC
GetParent
GetDesktopWindow

gdi32

GetDeviceCaps
CreateFontIndirectA
DeleteDC
CreatePen
GetClipBox
CreatePalette
SetMapMode
GetStockObject
SelectObject
PatBlt
SetTextAlign
RestoreDC
RectVisible
DeleteObject
SetStretchBltMode
CreateSolidBrush
GetPixel
SetTextColor
GetObjectA
SaveDC
GetTextMetricsA
CreateCompatibleDC
LineTo
GetNearestPaletteIndex
SelectPalette

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetWindowsDirectoryA
RemoveDirectoryA
GetCommandLineW
GlobalFindAtomA
DeleteFileA
CopyFileA
GetProcessHeap
GetUserDefaultLangID
GetACP
lstrlenW
VirtualAlloc
GetDriveTypeA
VirtualFree
GetTickCount
MulDiv
DeleteFileW
RemoveDirectoryW
GetVersion
GetConsoleOutputCP
lstrlenA
GetCurrentProcess
GetThreadLocale
GetCurrentThread
IsDebuggerPresent
lstrcmpiA
ExitProcess
lstrcmpiW
GetStartupInfoA
GetModuleHandleW
lstrcmpA
GlobalFindAtomW
GetModuleHandleA
GetOEMCP
QueryPerformanceCounter
SetCurrentDirectoryA
GetCommandLineA

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aaa59183fc48a37760de8d9447716cd7

Headers

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 64KB - Virtual size: 64KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 64KB - Virtual size: 64KB

.rsrc
Size: 13KB - Virtual size: 13KB