40890b24963e5ba3de9ed8cbf56efc96_JaffaCakes118

General

Target

40890b24963e5ba3de9ed8cbf56efc96_JaffaCakes118
Size

165KB
MD5

40890b24963e5ba3de9ed8cbf56efc96
SHA1

77cc545974d51de19a4283fd9593545e7b6ebeeb
SHA256

4031bcb48c7ba639f45cd56d3d35b9633a6eb5e058a001b1c7310e211b3671f3
SHA512

e36e6f2a5ce230c1e2eec3a505ac38612fad706740630a0e7e1408c79a51f9da22e853a59d25f62278c2203f04b1a0e10092904350817142ebae7342570c3ae1
SSDEEP

3072:U7yolQlEd7Gx7k4h/cbyjJlC8Z1WDJvF7u+gVrUKb:U7n7j4JcyJ8D5F7uH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40890b24963e5ba3de9ed8cbf56efc96_JaffaCakes118

Files

40890b24963e5ba3de9ed8cbf56efc96_JaffaCakes118
.exe windows:4 windows x86 arch:x86

149649490087ce54cdd84e1c6ff0bec5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
CharNextA
GetDC
GetParent
GetSystemMetrics
TranslateMessage

gdi32

GetObjectA
SetTextAlign
GetStockObject
RestoreDC
LineTo
CreateSolidBrush
DeleteDC
CreatePalette
GetClipBox
DeleteObject
PatBlt
CreateFontIndirectA
SetTextColor
SelectObject
GetDeviceCaps
CreateCompatibleDC
GetPixel
RectVisible
SetMapMode
GetTextMetricsA
SaveDC
SelectPalette
SetStretchBltMode
CreatePen

kernel32

GetConsoleOutputCP
DeleteFileA
GetStartupInfoA
RemoveDirectoryA
SetCurrentDirectoryA
QueryPerformanceCounter
lstrcmpA
IsDebuggerPresent
lstrlenW
VirtualAlloc
GetACP
VirtualFree
GetTickCount
GetCommandLineW
GetCurrentThread
GetThreadLocale
GetModuleHandleW
GetVersion
GetCurrentProcess
lstrcmpiW
GetDriveTypeA
GetUserDefaultLangID
GetOEMCP
GlobalFindAtomW
GetProcessHeap
DeleteFileW
GetModuleHandleA
GetCurrentThreadId
GetCurrentProcessId
GlobalFindAtomA
GetCommandLineA
GetWindowsDirectoryA
CopyFileA

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Mko, Dob
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Hlfcfu F
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

149649490087ce54cdd84e1c6ff0bec5

Headers

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 10KB - Virtual size: 9KB

Mko, Dob Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Hlfcfu F Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 10KB - Virtual size: 9KB

Mko, Dob
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Hlfcfu F
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 28KB - Virtual size: 27KB