5e1ee29bd97b1748b19543f498e6a56b_JaffaCakes118

General

Target

5e1ee29bd97b1748b19543f498e6a56b_JaffaCakes118
Size

98KB
MD5

5e1ee29bd97b1748b19543f498e6a56b
SHA1

dd773acc3d2328022a2da1bef1eb7e62da30b545
SHA256

3538b014fcc1b625dd631d77ec6d7109e5e3f3671de87e2d81ec822bf5d89afc
SHA512

d2b0c216b76dca8c892b59e4ae7e88e76ea47a2a070f9e5c95561615c922efc4513962a7af60a5a5e296b541ebc2e77cdf7e9eb9c67c0cd1ec35850e4bd96e35
SSDEEP

1536:ifUPei0KCu8oDDmeYxnhZkdC/rYrLwupxTEnHO+ODXRz0RkxGejt:ifUhzme6qdH14lpRITj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e1ee29bd97b1748b19543f498e6a56b_JaffaCakes118

Files

5e1ee29bd97b1748b19543f498e6a56b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b06847aa5fc6f99548b0c2157c7b833

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomW
GetThreadLocale
DeleteFileW
MulDiv
GetCurrentProcessId
GetStartupInfoA
GetModuleHandleW
lstrcmpA
GetCommandLineW
RemoveDirectoryA
QueryPerformanceCounter
CopyFileA
SetCurrentDirectoryA
GetWindowsDirectoryA
RemoveDirectoryW
GlobalFindAtomA
lstrcmpiA
GetACP
GetUserDefaultLangID
GetOEMCP
lstrcmpiW
DeleteFileA
GetCurrentThread
lstrlenW
GetConsoleOutputCP
GetCommandLineA
ExitProcess
GetVersion
lstrlenA
IsDebuggerPresent
GetDriveTypeA
GetCurrentThreadId
GetCurrentProcess
GetTickCount
GetProcessHeap
GetModuleHandleA
VirtualAlloc

gdi32

SetStretchBltMode
CreateCompatibleDC
PatBlt
CreateSolidBrush
GetTextMetricsA
CreatePen
GetStockObject
DeleteObject
SelectObject
SaveDC
GetObjectA
RestoreDC
SetTextAlign
GetDeviceCaps
GetNearestPaletteIndex
SetTextColor
GetClipBox
SelectPalette
CreateFontIndirectA
SetMapMode
LineTo
CreatePalette
DeleteDC
GetPixel
RectVisible

user32

GetDC
GetDesktopWindow
CharNextA
TranslateMessage
GetSystemMetrics
GetParent

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b06847aa5fc6f99548b0c2157c7b833

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 61KB - Virtual size: 61KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 61KB - Virtual size: 61KB

.rsrc
Size: 15KB - Virtual size: 15KB