5d47e6194b72532926dee1f2aa0a4873_JaffaCakes118

General

Target

5d47e6194b72532926dee1f2aa0a4873_JaffaCakes118
Size

105KB
MD5

5d47e6194b72532926dee1f2aa0a4873
SHA1

91c73450d67b54041566cbd14678f2e9b42c54c9
SHA256

b92625006532e932ce56d4484ad3c2e4610530c579b320f8760c1b0141dd624f
SHA512

793b9df0b323aa23f1940eaf867a3df0d119c58ccd4e1436a33d4756bc90e10be7b75d45b59075c7cc2a1b7c77645ff41d4c1621ad397d71bfe3c12af3a5ee38
SSDEEP

1536:yTqB4NiUaG9PIX8sZ8UvMJUF9ADdk0KdoxAphJB0FxUPx5u/buEe:yTyKov0BuACJ5uF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d47e6194b72532926dee1f2aa0a4873_JaffaCakes118

Files

5d47e6194b72532926dee1f2aa0a4873_JaffaCakes118
.exe windows:5 windows x86 arch:x86

18db270b5c8a3fef4609def8ca8d5aca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
TranslateMessage
GetParent
GetDC
GetSystemMetrics
CharNextA

kernel32

GetVersion
GetCommandLineW
GetWindowsDirectoryA
GetTickCount
GetCurrentThread
GetACP
lstrlenW
GetCommandLineA
GetModuleHandleA
GetDriveTypeA
lstrcmpiW
GetOEMCP
IsDebuggerPresent
CopyFileA
GetConsoleOutputCP
GetModuleHandleW
DeleteFileW
GetCurrentProcessId
QueryPerformanceCounter
GetThreadLocale
RemoveDirectoryW
SetCurrentDirectoryA
GlobalFindAtomW
GlobalFindAtomA
DeleteFileA
lstrcmpiA
GetCurrentThreadId
GetStartupInfoA
ExitProcess
lstrcmpA
MulDiv
GetUserDefaultLangID
RemoveDirectoryA
lstrlenA
GetProcessHeap
VirtualAlloc

gdi32

SetStretchBltMode
CreatePen
CreateSolidBrush
SetTextAlign
GetStockObject
PatBlt
GetTextMetricsA
CreatePalette
RestoreDC
GetPixel
SelectObject
SetTextColor
SaveDC
GetObjectA
DeleteObject
GetNearestPaletteIndex
DeleteDC
GetDeviceCaps
CreateFontIndirectA
GetClipBox
RectVisible
SetMapMode
SelectPalette
CreateCompatibleDC
LineTo

glu32

gluQuadricCallback

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18db270b5c8a3fef4609def8ca8d5aca

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 68KB - Virtual size: 67KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 68KB - Virtual size: 67KB

.rsrc
Size: 15KB - Virtual size: 14KB