6f0cbe0ac13a87e23f90be3767c1a9f2_JaffaCakes118

General

Target

6f0cbe0ac13a87e23f90be3767c1a9f2_JaffaCakes118
Size

91KB
MD5

6f0cbe0ac13a87e23f90be3767c1a9f2
SHA1

99ac95dba59d3705e73ddba26020b4a2f007206e
SHA256

154f55373c4ca2fd6497f798b0f9e53c487fc73841fd33f553c84b0ed738b9e0
SHA512

443547a1af8a80e25aac3b01d2c34624e5506de01f2469e36fa31682f511ab0f132efd869edd4fb10d8f82f8e2ac501c2ebad1ef55906dc3eef4f8df47930f9e
SSDEEP

1536:XhDCyID9uy9TQZIYGFC0PEFckm1Om563OjkDynpDB5XiD3hK6JU1HzE9VwL:X8yI9uy9TNYcC0PEOqYnpDBMDuQTwL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f0cbe0ac13a87e23f90be3767c1a9f2_JaffaCakes118

Files

6f0cbe0ac13a87e23f90be3767c1a9f2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

78cc01ddfaa9eecdd28f46dfb6586d20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetCommandLineW
SetCurrentDirectoryA
GetCurrentThread
QueryPerformanceCounter
DeleteFileW
GetConsoleOutputCP
lstrlenW
GetModuleHandleA
GetThreadLocale
RemoveDirectoryA
GetWindowsDirectoryA
GetOEMCP
GetDriveTypeA
lstrcmpA
lstrcmpiA
GetCurrentProcessId
IsDebuggerPresent
CopyFileA
GetUserDefaultLangID
GetACP
GlobalFindAtomW
GlobalFindAtomA
RemoveDirectoryW
GetModuleHandleW
GetStartupInfoA
DeleteFileA
GetTickCount
lstrcmpiW
GetProcessHeap
GetCommandLineA
ExitProcess
GetCurrentProcess
GetVersion
MulDiv
GetCurrentThreadId
VirtualAlloc

gdi32

GetClipBox
GetObjectA
RestoreDC
GetStockObject
SetStretchBltMode
LineTo
SetMapMode
SetTextAlign
PatBlt
CreateCompatibleDC
SetTextColor
SaveDC
DeleteObject
CreateFontIndirectA
GetPixel
SelectPalette
GetTextMetricsA
CreatePalette
DeleteDC
CreatePen
CreateSolidBrush
GetNearestPaletteIndex
RectVisible
SelectObject
GetDeviceCaps

user32

GetParent
GetDesktopWindow
CharNextA
GetSystemMetrics
GetDC
TranslateMessage

glu32

gluQuadricCallback

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78cc01ddfaa9eecdd28f46dfb6586d20

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 60KB - Virtual size: 59KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 60KB - Virtual size: 59KB

.rsrc
Size: 11KB - Virtual size: 10KB