62a68ce6b4b582edc4559dc542b96c16_JaffaCakes118

General

Target

62a68ce6b4b582edc4559dc542b96c16_JaffaCakes118
Size

96KB
MD5

62a68ce6b4b582edc4559dc542b96c16
SHA1

33918a62dcdf2d99fcd3d01a6b7c101884566b78
SHA256

49d3f31ee5bc9e25eef0eb88c3be411f3d267e946fb6fab5cf12b201995414d2
SHA512

94174d8193ce217ccaa65556bfb416b7ef49cb043a77590cb9df136cc5529005f75137acd3867e13f1cf775f076b11ec93f67e720d9a2ca1032afbaca22ecb6a
SSDEEP

1536:yaPMXkFUi3wp5Kneb/doysUtLoAoToTq2Xr9NLwUZG3D5:90Xk+6izbSysUtLoFoTDxVwUc3D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62a68ce6b4b582edc4559dc542b96c16_JaffaCakes118

Files

62a68ce6b4b582edc4559dc542b96c16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d21563aafc027023322dbdea26f798b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
GetCurrentThreadId
GetTickCount
GetModuleHandleA
GetDriveTypeA
lstrcmpiW
MulDiv
GetCommandLineA
VirtualAlloc
GetCurrentProcessId
GetModuleHandleW
lstrlenW
QueryPerformanceCounter
GetCurrentThread
CopyFileA
GetCommandLineW
GetACP
GetCurrentProcess
GetUserDefaultLangID
lstrlenA
DeleteFileA
GetConsoleOutputCP
SetCurrentDirectoryA
GetVersion
GetStartupInfoA
GetOEMCP
RemoveDirectoryW
GetThreadLocale
GetProcessHeap
GetWindowsDirectoryA
GlobalFindAtomA
lstrcmpiA
ExitProcess
DeleteFileW
GlobalFindAtomW
lstrcmpA
IsDebuggerPresent

gdi32

GetStockObject
SelectObject
GetDeviceCaps
LineTo
DeleteObject
PatBlt
CreateCompatibleDC
RestoreDC
SelectPalette
GetObjectA
SetMapMode
GetTextMetricsA
GetClipBox
SetStretchBltMode
DeleteDC
CreatePen
GetPixel
SaveDC
RectVisible
GetNearestPaletteIndex
CreateFontIndirectA
SetTextAlign
SetTextColor
CreateSolidBrush

user32

GetDC
GetDesktopWindow
TranslateMessage
CharNextA
GetSystemMetrics
GetParent

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d21563aafc027023322dbdea26f798b0

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 61KB - Virtual size: 60KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 61KB - Virtual size: 60KB

.rsrc
Size: 14KB - Virtual size: 13KB