5c61634a84073cd2676507219f4166a4_JaffaCakes118

General

Target

5c61634a84073cd2676507219f4166a4_JaffaCakes118
Size

110KB
MD5

5c61634a84073cd2676507219f4166a4
SHA1

68936dfd13e26ea1f5026331437c539bb5a85f80
SHA256

dde87b03cce25809ed725bd045890ec6325add833915806bef5dc459713b6a6a
SHA512

a2114cedafeaef1b6b678f25b7719488667d3e088daf02f941a96ed7551349d8e418008e52babb19aa95aefc0ec2b2ebdb71dbe17d2866eee6b36a20423eb64f
SSDEEP

1536:P0bm51wFaSFCQUebkVzxrP/Ca1/T5B6AGuegsWZKlUCOuce54VtZo9RUttBCT2+q:D1rXQ7kV95HUWwuCOq4X2nyi2+j/i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c61634a84073cd2676507219f4166a4_JaffaCakes118

Files

5c61634a84073cd2676507219f4166a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f75cedd35fecb75b74f14fca0d973f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
GetSystemMetrics
GetParent
CharNextA
GetDC
GetDesktopWindow

kernel32

lstrcmpA
VirtualAlloc
GetConsoleOutputCP
GetStartupInfoA
CopyFileA
GetOEMCP
GetDriveTypeA
GetUserDefaultLangID
GlobalFindAtomW
GetCurrentThread
SetCurrentDirectoryA
GetThreadLocale
GetCommandLineA
IsDebuggerPresent
GetCurrentProcessId
lstrlenW
GetWindowsDirectoryA
GlobalFindAtomA
GetCurrentThreadId
DeleteFileA
GetACP
lstrcmpiW
RemoveDirectoryA
GetCurrentProcess
GetCommandLineW
MulDiv
QueryPerformanceCounter
GetTickCount
GetModuleHandleA
GetVersion
lstrcmpiA
RemoveDirectoryW
DeleteFileW
lstrlenA
GetModuleHandleW
ExitProcess
GetProcessHeap

gdi32

SetStretchBltMode
RestoreDC
PatBlt
SetMapMode
CreateSolidBrush
LineTo
GetTextMetricsA
GetPixel
SelectPalette
GetDeviceCaps
GetObjectA
CreateCompatibleDC
CreateFontIndirectA
DeleteObject
SetTextAlign
RectVisible
SaveDC
CreatePalette
GetStockObject
CreatePen
SelectObject
SetTextColor
GetClipBox
DeleteDC
GetNearestPaletteIndex

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f75cedd35fecb75b74f14fca0d973f9

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 72KB - Virtual size: 72KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 72KB - Virtual size: 72KB

.rsrc
Size: 16KB - Virtual size: 16KB