3eccfb7e5d0bcfb2deeaa1b60a7bd418_JaffaCakes118

General

Target

3eccfb7e5d0bcfb2deeaa1b60a7bd418_JaffaCakes118
Size

117KB
MD5

3eccfb7e5d0bcfb2deeaa1b60a7bd418
SHA1

0f8ebf916046c4d72b3cdbf6173aa469ef1b3762
SHA256

38dc4c786b24abea5280ff1a678131367a615cf1f5316d1e6f328ac5e8485ca4
SHA512

135cdc2ad9ca90cd3eb6781723b0edf5c5f9fa7c8eb45f9d500948988aa536a756c035d300b50d9ee5013e4ca3a3a3d4e1b633f853863a18286004159c432d0b
SSDEEP

3072:FsA/oA9gB2u1iZ6D3kup+CWoH6R2ve5Ar2f:mgoVniZUkup+Zyo5Ar

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3eccfb7e5d0bcfb2deeaa1b60a7bd418_JaffaCakes118

Files

3eccfb7e5d0bcfb2deeaa1b60a7bd418_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bd065b9a497b5d0dc84060c78a58dec9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
GetDesktopWindow
GetSystemMetrics
GetParent
CharNextA

kernel32

GetCurrentThreadId
lstrlenA
GetTickCount
GetModuleHandleW
GetModuleHandleA
lstrcmpA
GetProcessHeap
lstrlenW
GetWindowsDirectoryA
GlobalFindAtomA
DeleteFileW
RemoveDirectoryA
DeleteFileA
GetOEMCP
GetStartupInfoA
GetCommandLineW
GetConsoleOutputCP
GetCurrentThread
GetDriveTypeA
lstrcmpiW
GlobalFindAtomW
GetUserDefaultLangID
MulDiv
SetCurrentDirectoryA
GetACP
GetCommandLineA
GetCurrentProcess
CopyFileA
GetVersion
GetCurrentProcessId
GetThreadLocale
QueryPerformanceCounter
RemoveDirectoryW
IsDebuggerPresent
lstrcmpiA
VirtualAlloc
VirtualFree

gdi32

CreateCompatibleDC
RectVisible
PatBlt
GetClipBox
GetPixel
LineTo
CreateFontIndirectA
SelectPalette
GetDeviceCaps
DeleteObject
CreatePalette
SetStretchBltMode
SetMapMode
DeleteDC
RestoreDC
SelectObject
GetObjectA
SetTextColor
CreatePen
GetTextMetricsA
SaveDC
CreateSolidBrush
SetPixel
SetTextAlign
GetStockObject

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd065b9a497b5d0dc84060c78a58dec9

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 80KB - Virtual size: 80KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 14KB - Virtual size: 14KB