413e8fd230781d7ca62d7eec0c29ffe3_JaffaCakes118

General

Target

413e8fd230781d7ca62d7eec0c29ffe3_JaffaCakes118
Size

99KB
MD5

413e8fd230781d7ca62d7eec0c29ffe3
SHA1

693aad8891bfaaaec206f5bda064feb59947ab04
SHA256

faccdfa781ae563b0965bfec0ec0ffd96f96812f3a7931981dad95a4c314200c
SHA512

4817eeb26bdf2f3a2a2acf7141989a6eb29b01a17f830f28de951810821076bcf7d4f71ef8eac4742ff6abe5f2dbbb1827497d16079f376ed620bd2c7cd7e4f4
SSDEEP

3072:immP/O1K+B8rBJSlmdG1E7kUhA0lYx5Ia:iHP/WMBoE7k5x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
413e8fd230781d7ca62d7eec0c29ffe3_JaffaCakes118

Files

413e8fd230781d7ca62d7eec0c29ffe3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a3af1afd0fab74c4c5a8d3b23d28965

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
GetSystemMetrics
TranslateMessage
CharNextA
GetDC
GetParent

kernel32

DeleteFileW
lstrcmpiA
GetUserDefaultLangID
IsDebuggerPresent
GetThreadLocale
GetModuleHandleA
GetModuleHandleW
lstrlenW
GetCurrentThreadId
GetWindowsDirectoryA
GetConsoleOutputCP
MulDiv
RemoveDirectoryW
SetCurrentDirectoryA
GetCurrentProcessId
CopyFileA
GetOEMCP
GetCommandLineW
GlobalFindAtomA
GetTickCount
RemoveDirectoryA
GetVersion
lstrcmpiW
QueryPerformanceCounter
GlobalFindAtomW
ExitProcess
GetStartupInfoA
DeleteFileA
GetCurrentThread
GetCommandLineA
GetProcessHeap
VirtualAlloc
GetACP
GetDriveTypeA
lstrcmpA
GetCurrentProcess

gdi32

SetTextColor
GetDeviceCaps
LineTo
SetMapMode
CreateCompatibleDC
CreateSolidBrush
SelectPalette
GetClipBox
GetNearestPaletteIndex
CreatePalette
GetObjectA
SetStretchBltMode
SaveDC
SelectObject
DeleteObject
DeleteDC
RestoreDC
GetTextMetricsA
RectVisible
CreateFontIndirectA
CreatePen
SetTextAlign
GetPixel
PatBlt
GetStockObject

glu32

gluQuadricCallback

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5a3af1afd0fab74c4c5a8d3b23d28965

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 68KB - Virtual size: 67KB

.rsrc Size: 11KB - Virtual size: 31KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 68KB - Virtual size: 67KB

.rsrc
Size: 11KB - Virtual size: 31KB