4186db5bd47755c03df32229c93f97ec_JaffaCakes118

General

Target

4186db5bd47755c03df32229c93f97ec_JaffaCakes118
Size

112KB
MD5

4186db5bd47755c03df32229c93f97ec
SHA1

4f1e61a93803c16f45eb1d9b0efa51088b02d2db
SHA256

062179f1c59016ccda53cf1ff1f21d2d6a34eb84ff561c3bc8dabbe737462b9d
SHA512

d9a73b12f66d6f6d1c1c9a2466db49759a225ac32dc1e83cab79fad6731c2919b4b4263d651682f2ee0c1af34bb7cf6adbf61a4d9bbc3a325d655676669c7b07
SSDEEP

1536:atfMfN8iTIQ10EbFCpLYBU0ckvlJifuLrvqvDBZhWXc3KA2O5XDEB0xz2bZ:EfMGlQ2Hp8u0DvNLTwDJUntO5QAz2b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4186db5bd47755c03df32229c93f97ec_JaffaCakes118

Files

4186db5bd47755c03df32229c93f97ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

71b4f1e34355a99143d4568c01ef653f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetModuleHandleA
QueryPerformanceCounter
GlobalFindAtomW
DeleteFileA
GetCommandLineA
CopyFileA
GetCurrentProcessId
MulDiv
GetCommandLineW
SetCurrentDirectoryA
lstrcmpA
GetCurrentProcess
lstrcmpiA
GetCurrentThreadId
lstrlenW
GetProcessHeap
GetACP
GetVersion
GetTickCount
GetOEMCP
GetDriveTypeA
GlobalFindAtomA
GetStartupInfoA
DeleteFileW
GetModuleHandleW
lstrcmpiW
GetThreadLocale
IsDebuggerPresent
RemoveDirectoryA
VirtualAlloc
VirtualFree
GetWindowsDirectoryA
GetConsoleOutputCP
GetCurrentThread
GetUserDefaultLangID
RemoveDirectoryW

gdi32

SetTextColor
GetObjectA
SaveDC
CreateFontIndirectA
RectVisible
SetTextAlign
RestoreDC
CreatePalette
GetClipBox
SelectObject
DeleteDC
GetPixel
PatBlt
GetTextMetricsA
SelectPalette
CreatePen
GetStockObject
CreateCompatibleDC
CreateSolidBrush
SetMapMode
DeleteObject
GetDeviceCaps
LineTo
SetStretchBltMode
SetPixel

user32

TranslateMessage
GetDesktopWindow
GetSystemMetrics
GetParent
CharNextA

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

71b4f1e34355a99143d4568c01ef653f

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 12KB - Virtual size: 36KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 12KB - Virtual size: 36KB