5c6b24633472e51ba3a1f376ada323f0_JaffaCakes118

General

Target

5c6b24633472e51ba3a1f376ada323f0_JaffaCakes118
Size

168KB
MD5

5c6b24633472e51ba3a1f376ada323f0
SHA1

ec2066d7e51b012f4fff245f530eb983329d64b7
SHA256

14bcf5eb9b7f039722b1b006a4a777f5a12ba58ee87d47ab43dd7ea6c72e4ed9
SHA512

b47f8c786a02043e84d7067108e151408ce82f6d86be869815f19aa6894c00d294dfafe3e721c652181bcf13895fdbad833cc214d20c53253a00bb6964954d4e
SSDEEP

3072:PhAOjw4udficE6t7+eqaWnAV3zD9/L5YvGg8u7S2PTjxB8M:JAOjTutifMV5YugHFjp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c6b24633472e51ba3a1f376ada323f0_JaffaCakes118

Files

5c6b24633472e51ba3a1f376ada323f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68ec6f0a2648bcd2ecd9de0e98482228

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
GetParent
GetSystemMetrics
GetDC
CharNextA
GetDesktopWindow

kernel32

VirtualAlloc
lstrlenW
GetUserDefaultLangID
GlobalFindAtomA
SetCurrentDirectoryA
GetOEMCP
GetCurrentThreadId
GetStartupInfoA
VirtualFree
IsDebuggerPresent
GetProcessHeap
DeleteFileA
GetThreadLocale
lstrlenA
GetVersion
GetACP
GetDriveTypeA
lstrcmpiA
QueryPerformanceCounter
GetWindowsDirectoryA
GetCurrentThread
lstrcmpA
RemoveDirectoryA
DeleteFileW
GetConsoleOutputCP
GetTickCount
GetCommandLineA
CopyFileA
GetCurrentProcess
MulDiv
GetCommandLineW
GlobalFindAtomW
lstrcmpiW

gdi32

CreatePalette
LineTo
SetStretchBltMode
CreateSolidBrush
RestoreDC
GetTextMetricsA
RectVisible
CreateFontIndirectA
SaveDC
GetObjectA
PatBlt
SetMapMode
SelectPalette
DeleteObject
SetTextColor
SelectObject
SetTextAlign
CreatePen
GetClipBox
GetStockObject
DeleteDC
CreateCompatibleDC
GetPixel
GetDeviceCaps

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Dgqru En
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Hwrxlfcf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68ec6f0a2648bcd2ecd9de0e98482228

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Dgqru En Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Hwrxlfcf Size: 512B - Virtual size: 4KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 11KB - Virtual size: 10KB

Dgqru En
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Hwrxlfcf
Size: 512B - Virtual size: 4KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 29KB - Virtual size: 29KB