4c2798f595ad3a60f1040a3d5dc38fd8_JaffaCakes118

General

Target

4c2798f595ad3a60f1040a3d5dc38fd8_JaffaCakes118
Size

112KB
MD5

4c2798f595ad3a60f1040a3d5dc38fd8
SHA1

41bc8cae8e01fec1a9643ed5c1474d6262627d36
SHA256

5957e82322ad4b9b00864bb65ac7a9edb1d234e8ca1ab65f705516084dfdc91b
SHA512

c882837258bf1ae60d5e202256f5068efd9d3e3168339abdc1639a6d2568388c4262ce17f0b05e8d8b7c1523f6ea65bb3db900b09fbe198874ad63e2290abf67
SSDEEP

1536:a7AVV8HihmTbTURsKJJcecgbJKvuehAd+K5xVHxQV66HCsXi:aEVV8ChmTblKJJsgO6+KFH2XS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c2798f595ad3a60f1040a3d5dc38fd8_JaffaCakes118

Files

4c2798f595ad3a60f1040a3d5dc38fd8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fda08a5359a421c822b8b7aa1de33a49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
GetSystemMetrics
TranslateMessage
CharNextA
GetParent

gdi32

CreatePen
RectVisible
GetPixel
DeleteDC
SetMapMode
PatBlt
GetObjectA
SetPixel
CreateSolidBrush
SetTextColor
GetClipBox
CreatePalette
SetTextAlign
RestoreDC
GetDeviceCaps
SelectObject
GetTextMetricsA
CreateFontIndirectA
DeleteObject
SelectPalette
LineTo
SaveDC
SetStretchBltMode
CreateCompatibleDC
GetStockObject

kernel32

RemoveDirectoryA
GetUserDefaultLangID
DeleteFileA
QueryPerformanceCounter
RemoveDirectoryW
GetCurrentThread
GetVersion
lstrlenW
GetDriveTypeA
GlobalFindAtomW
GetCurrentThreadId
GetACP
GetWindowsDirectoryA
GetThreadLocale
lstrlenA
GetCommandLineW
GetOEMCP
GetModuleHandleW
GetConsoleOutputCP
GetCurrentProcess
lstrcmpA
GetStartupInfoA
MulDiv
IsDebuggerPresent
GetCurrentProcessId
SetCurrentDirectoryA
GlobalFindAtomA
CopyFileA
GetProcessHeap
lstrcmpiA
GetTickCount
GetModuleHandleA
GetCommandLineA
DeleteFileW
VirtualAlloc
VirtualFree
lstrcmpiW

glu32

gluQuadricCallback

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fda08a5359a421c822b8b7aa1de33a49

Headers

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 78KB - Virtual size: 78KB

.rsrc Size: 12KB - Virtual size: 40KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 78KB - Virtual size: 78KB

.rsrc
Size: 12KB - Virtual size: 40KB