44b9ba940277b881fa3d5c68c82e0422_JaffaCakes118

General

Target

44b9ba940277b881fa3d5c68c82e0422_JaffaCakes118
Size

97KB
MD5

44b9ba940277b881fa3d5c68c82e0422
SHA1

17854e584a33e7f37228cbb6d41262e52a316bf2
SHA256

ec686e2fc553b2a7b9985d3a621086839828388692d7189411448b172f81d2a3
SHA512

24c92f57d0f17b699ffc8641bfec12345908bb9d241139823b22baa7cd768ea0393d08d61f43876da9155c36b8e4faaa2ec5c82980a5f235248eb5b914077652
SSDEEP

1536:ufFD7COAFJG7uFTCVxPohjPAVF0PIDCKniOzo3EYu/y/3jyXrq6f:ufR7mGT8AVLP/o3EYu/OUT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44b9ba940277b881fa3d5c68c82e0422_JaffaCakes118

Files

44b9ba940277b881fa3d5c68c82e0422_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b7ea717b5f1133068f3946e68d84211

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
GetSystemMetrics
CharNextA
GetDesktopWindow
TranslateMessage
GetParent

kernel32

lstrlenW
DeleteFileW
GetCurrentProcess
GetCurrentProcessId
CopyFileA
VirtualAlloc
DeleteFileA
GetACP
GetVersion
GetWindowsDirectoryA
GetModuleHandleW
RemoveDirectoryA
lstrcmpA
GetTickCount
GetCommandLineA
lstrcmpiA
QueryPerformanceCounter
MulDiv
GetCurrentThreadId
lstrcmpiW
GetOEMCP
GetModuleHandleA
GetThreadLocale
GetProcessHeap
GlobalFindAtomW
RemoveDirectoryW
GlobalFindAtomA
lstrlenA
GetDriveTypeA
IsDebuggerPresent
GetUserDefaultLangID
ExitProcess
SetCurrentDirectoryA
GetStartupInfoA
GetCurrentThread
GetConsoleOutputCP
GetCommandLineW

gdi32

GetDeviceCaps
RectVisible
SetTextColor
CreateCompatibleDC
SetTextAlign
PatBlt
CreatePalette
GetPixel
CreatePen
GetClipBox
SaveDC
SelectObject
GetTextMetricsA
SetStretchBltMode
SetMapMode
RestoreDC
CreateSolidBrush
GetObjectA
CreateFontIndirectA
GetNearestPaletteIndex
DeleteObject
LineTo
SelectPalette
DeleteDC
GetStockObject

glu32

gluQuadricCallback

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b7ea717b5f1133068f3946e68d84211

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 64KB - Virtual size: 64KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 64KB - Virtual size: 64KB

.rsrc
Size: 12KB - Virtual size: 11KB