420409d4126d125e3aac22bd5b9983ca_JaffaCakes118

General

Target

420409d4126d125e3aac22bd5b9983ca_JaffaCakes118
Size

114KB
MD5

420409d4126d125e3aac22bd5b9983ca
SHA1

6f662ff9614fe3764727d525cc212d37918e5d84
SHA256

905ad39d782dfe7fa7bfdaf97d60183205fb7168411b72ff6ab6fce22dfb6173
SHA512

da3d04512fb615156bfd517ee7d709492ba0b86cbcb93ffe64fa6bce680a2a45a19d46157a1a3b7ac2deb6608bd9cab736223b73f31e53196f417993dfdeccdc
SSDEEP

3072:MkKASRY8i3aNuUqQl16imTap/12DAeHLkD:SaaD0imTK12

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
420409d4126d125e3aac22bd5b9983ca_JaffaCakes118

Files

420409d4126d125e3aac22bd5b9983ca_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6a142ed96e603c409e4670f59e9c1fd4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
GetDesktopWindow
CharNextA
GetParent
GetSystemMetrics

gdi32

SaveDC
RectVisible
SetTextColor
SetStretchBltMode
GetPixel
CreatePalette
RestoreDC
GetStockObject
CreatePen
SelectPalette
CreateCompatibleDC
GetClipBox
GetDeviceCaps
SetMapMode
PatBlt
DeleteObject
CreateSolidBrush
CreateFontIndirectA
GetObjectA
GetTextMetricsA
DeleteDC
SelectObject
SetTextAlign
LineTo
SetPixel

kernel32

GetCurrentProcess
MulDiv
GetWindowsDirectoryA
IsDebuggerPresent
GetCommandLineA
GlobalFindAtomA
GetThreadLocale
GetConsoleOutputCP
lstrcmpiA
SetCurrentDirectoryA
GetCurrentProcessId
GetDriveTypeA
GetUserDefaultLangID
lstrlenW
QueryPerformanceCounter
DeleteFileA
GetACP
GetTickCount
GetCommandLineW
RemoveDirectoryA
GetCurrentThreadId
GetVersion
GetCurrentThread
lstrcmpiW
lstrcmpA
CopyFileA
GetStartupInfoA
GetModuleHandleA
RemoveDirectoryW
GetOEMCP
lstrlenA
GetProcessHeap
GetModuleHandleW
DeleteFileW
GlobalFindAtomW
VirtualAlloc
VirtualFree

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a142ed96e603c409e4670f59e9c1fd4

Headers

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 14KB - Virtual size: 13KB