49cda967c65c0b614d787e3ee4eb04b5_JaffaCakes118

General

Target

49cda967c65c0b614d787e3ee4eb04b5_JaffaCakes118
Size

112KB
MD5

49cda967c65c0b614d787e3ee4eb04b5
SHA1

e29dd71e3a4d35d56fc22f5ded6936b706824f59
SHA256

408358930fe92ef90cd30a85dfc011c283a2966351784b54e6fb2e505ba8d20d
SHA512

cc7ddca437d33570c0f682f2ec4e446073780894da9d10e919352f38251bde374788442b2e1a7fc114519017a01a7aa552b9ff7931e7b393b4d3396a55596cc8
SSDEEP

1536:78+Qhy+GuNNXt97kPZ7GOf16TFMdkvF2bbn3cuQG1EOAYAU/cjA0rq8/kcw:78+QhLHNctf16T2Ea3cuQA73+pq8/kc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49cda967c65c0b614d787e3ee4eb04b5_JaffaCakes118

Files

49cda967c65c0b614d787e3ee4eb04b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2fd7eaf3f47e82410f5445d051b706c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
GetSystemMetrics
GetDesktopWindow
CharNextA
TranslateMessage

kernel32

lstrcmpiA
QueryPerformanceCounter
RemoveDirectoryA
GetCurrentThreadId
GetACP
GetStartupInfoA
lstrlenW
lstrcmpA
GetCommandLineA
VirtualAlloc
GetConsoleOutputCP
GetDriveTypeA
GetCurrentThread
VirtualFree
lstrlenA
GetOEMCP
GetTickCount
CopyFileA
DeleteFileA
SetCurrentDirectoryA
RemoveDirectoryW
GetThreadLocale
GetUserDefaultLangID
GetVersion
GetCommandLineW
MulDiv
lstrcmpiW
GetModuleHandleW
GetCurrentProcess
DeleteFileW
GetWindowsDirectoryA
GlobalFindAtomW
GetCurrentProcessId
IsDebuggerPresent
GetProcessHeap
GlobalFindAtomA

gdi32

GetTextMetricsA
GetStockObject
DeleteDC
SelectObject
SaveDC
CreateSolidBrush
SetTextAlign
LineTo
SetMapMode
CreateCompatibleDC
GetPixel
PatBlt
CreateFontIndirectA
SetStretchBltMode
RectVisible
GetClipBox
GetObjectA
SetPixel
SelectPalette
SetTextColor
CreatePen
CreatePalette
RestoreDC
GetDeviceCaps
DeleteObject

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2fd7eaf3f47e82410f5445d051b706c

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 11KB - Virtual size: 11KB