5bfb39217f7fec24c049d3477e0e8169_JaffaCakes118

General

Target

5bfb39217f7fec24c049d3477e0e8169_JaffaCakes118
Size

114KB
MD5

5bfb39217f7fec24c049d3477e0e8169
SHA1

d7ad93c85305c5a3af0eaa3f290f47246b76b82c
SHA256

fccbbb73324ed42ca4ad6d67eae6fa5ff4dc3fc70f736f00bd64ab254a55da2d
SHA512

970145b7d5d2ba15290f365831b08c786b46a5e176579d9f9ffa3d0f96bddaeddd43132dcf74dc5b2fb6a59ca2f022acd196f117daa1c7b9b7510c88e4aa3050
SSDEEP

3072:3jalT/Urj9y7ISCTWaz0t11nqHhjwavxGHqYk:6T/Cj9yEjwwxGK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bfb39217f7fec24c049d3477e0e8169_JaffaCakes118

Files

5bfb39217f7fec24c049d3477e0e8169_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1c23484b2c76932ca71e9708d180f80f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
lstrlenW
MulDiv
GetCurrentThread
CopyFileA
GetACP
GetConsoleOutputCP
GetCurrentThreadId
GetUserDefaultLangID
lstrcmpA
DeleteFileW
DeleteFileA
GetOEMCP
IsDebuggerPresent
GetModuleHandleA
GlobalFindAtomA
GetTickCount
GetCurrentProcess
GetCommandLineA
GetModuleHandleW
GlobalFindAtomW
GetCurrentProcessId
GetStartupInfoA
lstrcmpiW
GetDriveTypeA
GetWindowsDirectoryA
lstrlenA
RemoveDirectoryW
lstrcmpiA
GetCommandLineW
GetVersion
SetCurrentDirectoryA
GetProcessHeap
RemoveDirectoryA
VirtualAlloc
VirtualFree

gdi32

CreatePalette
GetStockObject
SetMapMode
GetClipBox
SelectPalette
CreateFontIndirectA
CreateSolidBrush
SetTextAlign
DeleteObject
SetStretchBltMode
CreateCompatibleDC
GetDeviceCaps
PatBlt
RestoreDC
SaveDC
GetPixel
LineTo
GetObjectA
SelectObject
GetTextMetricsA
RectVisible
CreatePen
SetTextColor
SetPixel
DeleteDC

user32

GetDesktopWindow
GetParent
GetSystemMetrics
CharNextA
TranslateMessage

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1c23484b2c76932ca71e9708d180f80f

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 78KB - Virtual size: 77KB

.rsrc Size: 15KB - Virtual size: 35KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 78KB - Virtual size: 77KB

.rsrc
Size: 15KB - Virtual size: 35KB