3edb116a1506a1ba1d8e909c8f826303_JaffaCakes118

General

Target

3edb116a1506a1ba1d8e909c8f826303_JaffaCakes118
Size

166KB
MD5

3edb116a1506a1ba1d8e909c8f826303
SHA1

182cc70712392b150218dd60cc0df0b26d88caea
SHA256

905ed57e56ac52f56d7f44331fb43b3bec753dc1ff1d0295b022bf62719c97ef
SHA512

f172b2351033bf4b145c00aaf2fcbd88f82e33446c62d42815c8372b0ed75aeb58eb630931df9c220c940297108bcfb8faaeaccacb96665175cb13c892448bfd
SSDEEP

3072:pbFWrf+RyWjl71mYEoGULhI6IgTho1ITvRZmq+xhf:pRQG4GMYEoGULhzIgdo1ITZZmH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3edb116a1506a1ba1d8e909c8f826303_JaffaCakes118

Files

3edb116a1506a1ba1d8e909c8f826303_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e663652d0e650b9ddb8448b434ff2427

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextColor
RestoreDC
GetClipBox
GetTextMetricsA
CreateCompatibleDC
CreateFontIndirectA
SetMapMode
SaveDC
GetStockObject
GetObjectA
CreatePen
PatBlt
GetDeviceCaps
RectVisible
SetStretchBltMode
DeleteObject
CreatePalette
DeleteDC
CreateSolidBrush
SetTextAlign
LineTo
SelectObject
GetPixel
SelectPalette

kernel32

GetWindowsDirectoryA
GetThreadLocale
SetCurrentDirectoryA
GetCurrentThread
GetUserDefaultLangID
DeleteFileW
MulDiv
GetCurrentProcess
GetProcessHeap
lstrcmpA
GetVersion
QueryPerformanceCounter
lstrlenA
GetACP
GlobalFindAtomA
GlobalFindAtomW
GetTickCount
GetModuleHandleA
VirtualAlloc
GetOEMCP
VirtualFree
RemoveDirectoryA
GetModuleHandleW
GetCurrentThreadId
GetCommandLineA
GetConsoleOutputCP
lstrcmpiA
GetCurrentProcessId
lstrlenW
IsDebuggerPresent
DeleteFileA
GetCommandLineW
lstrcmpiW
CopyFileA
GetStartupInfoA

user32

GetParent
GetDesktopWindow
CharNextA
GetDC
TranslateMessage
GetSystemMetrics

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Fnvs, Wx
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Wmxor, A
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e663652d0e650b9ddb8448b434ff2427

Headers

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Fnvs, Wx Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 26KB

Wmxor, A Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 11KB - Virtual size: 10KB

Fnvs, Wx
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 26KB

Wmxor, A
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 27KB - Virtual size: 26KB