4a0738fe6c8d75c23fb83579e896519b_JaffaCakes118

General

Target

4a0738fe6c8d75c23fb83579e896519b_JaffaCakes118
Size

102KB
MD5

4a0738fe6c8d75c23fb83579e896519b
SHA1

91ec16e520ba08d5aba1d7c667ded3d58ed9a957
SHA256

8b621da0661174a884cc061b80a5e2d47498f6adb19806625cd0c553607cd151
SHA512

742413f4e0bd1d0187735d6d5530cad3298f8c97786b4981a19b7b0991278f5565d63c8022719c40ed921f74f504e05598674931cd07d3cf72cbe3a9711a96f6
SSDEEP

3072:xjhqkylB2JImKEQub/xAPVHhiFZ3Kza33G8iotB:xlNO2im7Q2xAtHQFZ3K43S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a0738fe6c8d75c23fb83579e896519b_JaffaCakes118

Files

4a0738fe6c8d75c23fb83579e896519b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

165b43486188bba2136088763b5c752c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCurrentProcess
IsDebuggerPresent
GetModuleHandleW
lstrlenA
CopyFileA
GetModuleHandleA
GlobalFindAtomW
DeleteFileA
GetACP
VirtualAlloc
GetCommandLineW
GetCurrentThreadId
lstrcmpA
VirtualFree
GetDriveTypeA
DeleteFileW
GetVersion
lstrlenW
lstrcmpiW
GetCurrentThread
MulDiv
RemoveDirectoryW
GetConsoleOutputCP
lstrcmpiA
GetUserDefaultLangID
GetThreadLocale
GlobalFindAtomA
SetCurrentDirectoryA
RemoveDirectoryA
GetCurrentProcessId
GetOEMCP
GetCommandLineA
ExitProcess
GetWindowsDirectoryA
GetProcessHeap
QueryPerformanceCounter
GetTickCount

gdi32

LineTo
CreatePen
SetMapMode
SelectObject
CreatePalette
RestoreDC
GetClipBox
DeleteDC
SelectPalette
CreateSolidBrush
GetPixel
RectVisible
PatBlt
CreateFontIndirectA
GetDeviceCaps
GetNearestPaletteIndex
GetObjectA
GetStockObject
SetStretchBltMode
SetTextColor
GetTextMetricsA
SetTextAlign
CreateCompatibleDC
SaveDC
DeleteObject

user32

GetSystemMetrics
GetDC
GetParent
TranslateMessage
GetDesktopWindow
CharNextA

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

165b43486188bba2136088763b5c752c

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 65KB - Virtual size: 64KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 65KB - Virtual size: 64KB

.rsrc
Size: 15KB - Virtual size: 15KB