46349967cdaabd991f7ad50ac6242cd7_JaffaCakes118

General

Target

46349967cdaabd991f7ad50ac6242cd7_JaffaCakes118
Size

114KB
MD5

46349967cdaabd991f7ad50ac6242cd7
SHA1

5b776212bd69b12cc25a9de2161768046d1b5bd3
SHA256

09ad997bf4949b33b1b9563b0748248855c54c351e67cdd860a8bf83206375bc
SHA512

8181ddbda9423f07f709769936b2ebad9e3541d48f7013ff5be159e05ad45551bb0ceb6a672a402dbb0e2c3e287d314043f1ec254cc2d7f69c09283bfbac9717
SSDEEP

1536:e4mTSDHTHoLJPon6z3IDRtxmBJKQrWwVCJHJHt81n4W+ygcc/rA9NC1c:eGLTHKJPrIDRt0KQrwZ//rATC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46349967cdaabd991f7ad50ac6242cd7_JaffaCakes118

Files

46349967cdaabd991f7ad50ac6242cd7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29cbbd7d72bb66e5dbbf42a52bdfc8a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
QueryPerformanceCounter
GetConsoleOutputCP
lstrlenW
GetCurrentProcess
lstrcmpiA
lstrcmpiW
GetUserDefaultLangID
GetVersion
MulDiv
GlobalFindAtomA
GetDriveTypeA
GetACP
GlobalFindAtomW
GetWindowsDirectoryA
GetProcessHeap
lstrlenA
GetCurrentThread
CopyFileA
IsDebuggerPresent
GetModuleHandleA
GetModuleHandleW
GetOEMCP
SetCurrentDirectoryA
GetCommandLineW
DeleteFileW
DeleteFileA
GetStartupInfoA
GetThreadLocale
GetTickCount
RemoveDirectoryA
GetCurrentThreadId
GetCurrentProcessId
RemoveDirectoryW
VirtualAlloc
VirtualFree

user32

TranslateMessage
GetSystemMetrics
GetDesktopWindow
CharNextA
GetParent

gdi32

CreateCompatibleDC
SaveDC
SetTextColor
LineTo
CreatePalette
PatBlt
CreatePen
GetObjectA
DeleteObject
RectVisible
SetTextAlign
GetDeviceCaps
GetStockObject
GetTextMetricsA
RestoreDC
SelectObject
GetPixel
CreateFontIndirectA
SetStretchBltMode
SetMapMode
DeleteDC
GetClipBox
SelectPalette
CreateSolidBrush
SetPixel

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29cbbd7d72bb66e5dbbf42a52bdfc8a4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 13KB - Virtual size: 12KB