61fdde44265c51ae819d4dbaf17f2945_JaffaCakes118

General

Target

61fdde44265c51ae819d4dbaf17f2945_JaffaCakes118
Size

114KB
MD5

61fdde44265c51ae819d4dbaf17f2945
SHA1

1368c32d8009e488cad771fa43037973e80dc4e4
SHA256

2d9a163adaea56bfbef6756f0cf1ed9ccf270b1c83a5f596b006e62ae1a5b0be
SHA512

4a5259c973cb641b5bc6e79a6c23d00252dcd28b20fc4980fb685340cc98846d8dec64d2fc5c6c00136b65b4a5750b8333695fe3d5247cdd4a06c592644c4cfb
SSDEEP

3072:e77ObRcT3DUlkKzHBoaRPHKznNJn7UAj:SObRcYz9RqnX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61fdde44265c51ae819d4dbaf17f2945_JaffaCakes118

Files

61fdde44265c51ae819d4dbaf17f2945_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7733589da990f0564b282c3ac3f8786d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryA
lstrlenW
DeleteFileA
CopyFileA
lstrcmpiA
lstrcmpA
GetOEMCP
GlobalFindAtomA
GetThreadLocale
GetDriveTypeA
RemoveDirectoryA
GetCurrentProcessId
GetVersion
GetCommandLineW
lstrlenA
GetProcessHeap
GetModuleHandleW
GetCurrentProcess
GetStartupInfoA
GetUserDefaultLangID
GetACP
GetModuleHandleA
GetCurrentThread
GetConsoleOutputCP
VirtualAlloc
IsDebuggerPresent
VirtualFree
MulDiv
GlobalFindAtomW
lstrcmpiW
DeleteFileW
RemoveDirectoryW
GetWindowsDirectoryA
GetCommandLineA
GetTickCount
GetCurrentThreadId
QueryPerformanceCounter

user32

GetSystemMetrics
GetParent
CharNextA
GetDesktopWindow
TranslateMessage

gdi32

DeleteDC
SetTextColor
PatBlt
CreateCompatibleDC
SetMapMode
SaveDC
CreateSolidBrush
RectVisible
GetTextMetricsA
GetObjectA
SetStretchBltMode
CreatePalette
SelectPalette
SelectObject
GetClipBox
RestoreDC
GetDeviceCaps
LineTo
CreateFontIndirectA
GetPixel
DeleteObject
CreatePen
SetTextAlign
SetPixel
GetStockObject

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7733589da990f0564b282c3ac3f8786d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 13KB - Virtual size: 13KB