70f8c7cdac866756d36de8d2f66b1655_JaffaCakes118

General

Target

70f8c7cdac866756d36de8d2f66b1655_JaffaCakes118
Size

102KB
MD5

70f8c7cdac866756d36de8d2f66b1655
SHA1

f41434f5e1f7f6b37a055c77007042c7a0e7a264
SHA256

79f1c1dc9db47ac6fadd2c71be73ab9456e3510e7da230f14a09b05781fc8f4f
SHA512

b1c4e6449bddc797ef087b055a0ba6f35ff0ce11867bc604d642e4b8aa2ed4aa598223f99d0816f88b9e6a7fb1e0733bd2e4d08fc857fc72388a823fc0f269e2
SSDEEP

1536:lH5Jbg2ouNoSYszy1QESFzUEdq0wf+A9BtokJunMvckdS3fxAVWwNeKYb3ZQFd/l:nhzy1hoIE83f+atpoendS3pAf+Gd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70f8c7cdac866756d36de8d2f66b1655_JaffaCakes118

Files

70f8c7cdac866756d36de8d2f66b1655_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d5ada2aa003aaaee6faa44bac11e61d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
TranslateMessage
GetParent
GetDC
GetSystemMetrics
CharNextA

gdi32

SelectPalette
CreateSolidBrush
SetTextAlign
SetStretchBltMode
CreateCompatibleDC
CreatePen
SelectObject
DeleteObject
SetTextColor
DeleteDC
CreatePalette
GetDeviceCaps
RestoreDC
CreateFontIndirectA
GetPixel
GetTextMetricsA
GetObjectA
GetClipBox
RectVisible
GetStockObject
SaveDC
PatBlt
SetMapMode
GetNearestPaletteIndex
LineTo

kernel32

GetConsoleOutputCP
GetWindowsDirectoryA
DeleteFileW
VirtualAlloc
GetModuleHandleA
GetCurrentThreadId
GetVersion
GetOEMCP
GetACP
GetCurrentProcessId
GetStartupInfoA
VirtualFree
GetCurrentThread
GetProcessHeap
GlobalFindAtomW
lstrlenA
lstrcmpA
GetCurrentProcess
lstrlenW
GetCommandLineA
CopyFileA
GetCommandLineW
IsDebuggerPresent
lstrcmpiA
RemoveDirectoryA
GetModuleHandleW
GetDriveTypeA
SetCurrentDirectoryA
RemoveDirectoryW
QueryPerformanceCounter
DeleteFileA
GetTickCount
GetThreadLocale
GlobalFindAtomA
MulDiv
ExitProcess
lstrcmpiW
GetUserDefaultLangID

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5ada2aa003aaaee6faa44bac11e61d0

Headers

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 67KB - Virtual size: 66KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 67KB - Virtual size: 66KB

.rsrc
Size: 14KB - Virtual size: 13KB