63c60df1ecdf15794eb5239bf5c1e257_JaffaCakes118

General

Target

63c60df1ecdf15794eb5239bf5c1e257_JaffaCakes118
Size

167KB
MD5

63c60df1ecdf15794eb5239bf5c1e257
SHA1

7e7b4fadf24498a52b953b02bb4e57bd34ed8e29
SHA256

552d5b33f6a5a93fb16b86f7ada575c041622c15f149cc5e1ddf26425acab2a1
SHA512

56eefa853838f9d84060b45605e98841eea32339c7749a3297be5fbc289f4658ab7d4b98d36ba3eab3931c264d8cdd2cae70e10fcc22695fdd0649e4c301ffd9
SSDEEP

3072:KUtJJ8cukr6nCWLfS6Pr2o/OVZXrLPuvdU47RT0tNfO449Z3n/5wi:KEr8dhCWLNbmVZ7yvTVTAGK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63c60df1ecdf15794eb5239bf5c1e257_JaffaCakes118

Files

63c60df1ecdf15794eb5239bf5c1e257_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44789d97d6bb0717b188df9ec93756a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
CopyFileA
GetCurrentProcessId
GlobalFindAtomW
lstrcmpA
lstrcmpiW
GetModuleHandleA
RemoveDirectoryA
GetCurrentProcess
GetVersion
GetModuleHandleW
GlobalFindAtomA
GetUserDefaultLangID
GetCommandLineW
GetCommandLineA
GetTickCount
GetCurrentThreadId
lstrlenW
GetOEMCP
GetThreadLocale
GetDriveTypeA
DeleteFileA
GetConsoleOutputCP
GetProcessHeap
IsDebuggerPresent
QueryPerformanceCounter
lstrcmpiA
GetWindowsDirectoryA
GetCurrentThread
GetStartupInfoA
SetCurrentDirectoryA
VirtualAlloc
GetACP
MulDiv
VirtualFree

user32

CharNextA
GetDC
GetSystemMetrics
GetDesktopWindow
GetParent
TranslateMessage

gdi32

GetClipBox
GetObjectA
GetPixel
CreateCompatibleDC
CreatePen
GetDeviceCaps
GetStockObject
SetStretchBltMode
SetMapMode
RectVisible
DeleteObject
SelectPalette
PatBlt
SelectObject
GetTextMetricsA
CreateSolidBrush
LineTo
CreateFontIndirectA
RestoreDC
DeleteDC
SetTextColor
CreatePalette
SaveDC
SetTextAlign

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Fdvjc Sg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Makhcido
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44789d97d6bb0717b188df9ec93756a6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Fdvjc Sg Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Makhcido Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 11KB - Virtual size: 11KB

Fdvjc Sg
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Makhcido
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 27KB - Virtual size: 27KB