6aab7943ebed00cb9536d519758d985b_JaffaCakes118

General

Target

6aab7943ebed00cb9536d519758d985b_JaffaCakes118
Size

100KB
MD5

6aab7943ebed00cb9536d519758d985b
SHA1

11625f352a6ee3940f47f72a3f7e875ff52299fd
SHA256

2dbe9f87969d9a46b995ebfa64a627bfd74081b8e9fec57deeb899c0bc74cf88
SHA512

126e53503a4b969b9f9e624c1797935af167d2a2bbfbecbdcae0accc2033cd4c27edee1408a90cd1354453d78c866a88817bc36f6a7a71dd5f8b089cf150d6b8
SSDEEP

3072:09es+VoW81d8Wal2SIjlMXt1bt2pyMTc+:e+Vn+d8zgqj4sMT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6aab7943ebed00cb9536d519758d985b_JaffaCakes118

Files

6aab7943ebed00cb9536d519758d985b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7554d77862dd52f523e43616474ed32c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
GetDesktopWindow
GetDC
CharNextA
GetSystemMetrics
TranslateMessage

kernel32

GetModuleHandleW
SetCurrentDirectoryA
IsDebuggerPresent
GetConsoleOutputCP
GetCurrentProcess
GetStartupInfoA
GlobalFindAtomA
GetProcessHeap
GetDriveTypeA
CopyFileA
GetCurrentProcessId
GetOEMCP
GetCurrentThreadId
GetACP
DeleteFileA
GetVersion
lstrlenW
QueryPerformanceCounter
DeleteFileW
GetTickCount
lstrcmpiA
GetWindowsDirectoryA
RemoveDirectoryA
GetCommandLineA
GetModuleHandleA
lstrcmpiW
GlobalFindAtomW
RemoveDirectoryW
MulDiv
GetCurrentThread
lstrcmpA
GetThreadLocale
ExitProcess
lstrlenA
GetUserDefaultLangID
VirtualAlloc
VirtualFree
GetCommandLineW

gdi32

RectVisible
SaveDC
SelectPalette
SetTextAlign
CreateCompatibleDC
CreatePalette
GetObjectA
CreateFontIndirectA
GetTextMetricsA
SelectObject
GetStockObject
SetTextColor
LineTo
GetClipBox
RestoreDC
DeleteObject
CreatePen
GetPixel
SetMapMode
CreateSolidBrush
PatBlt
SetStretchBltMode
DeleteDC
GetDeviceCaps
GetNearestPaletteIndex

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7554d77862dd52f523e43616474ed32c

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 66KB - Virtual size: 66KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 66KB - Virtual size: 66KB

.rsrc
Size: 12KB - Virtual size: 12KB