7136fa0c9c26d5bc2b846dae9dae7131_JaffaCakes118

General

Target

7136fa0c9c26d5bc2b846dae9dae7131_JaffaCakes118
Size

114KB
MD5

7136fa0c9c26d5bc2b846dae9dae7131
SHA1

454d9071a9c10bc9473ade9827ea39351eb5e4df
SHA256

5eb7072f51d53297d40d0c1bbe11d2b996e83f2d02bf61b682f1ddede49a696f
SHA512

f4a4d84b3c4b730234f10ada3093eca10ab27fc0cc151e5987c17ecaa55401b6bce6e219a6829f3eed62d5a9d8b34e8943d894bf65ffeeba8f4c2c71a6bb1006
SSDEEP

3072:12IMVjm/13rOjQb3zJIAQlBZ8vZ7WsjROR1:12MiMnh4s1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7136fa0c9c26d5bc2b846dae9dae7131_JaffaCakes118

Files

7136fa0c9c26d5bc2b846dae9dae7131_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29c6fb885afa5b66c7db3dc244ab2c67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleOutputCP
lstrcmpiA
GetCurrentThread
lstrcmpA
GetStartupInfoA
IsDebuggerPresent
GetThreadLocale
GetCurrentProcessId
GlobalFindAtomA
RemoveDirectoryA
GetModuleHandleA
GetACP
GetCommandLineA
DeleteFileA
GetDriveTypeA
GetTickCount
VirtualAlloc
GlobalFindAtomW
GetCurrentThreadId
VirtualFree
CopyFileA
GetWindowsDirectoryA
DeleteFileW
GetModuleHandleW
lstrlenW
lstrlenA
lstrcmpiW
GetProcessHeap
GetUserDefaultLangID
MulDiv
SetCurrentDirectoryA
GetCommandLineW
GetCurrentProcess
GetVersion
RemoveDirectoryW
GetOEMCP
QueryPerformanceCounter

gdi32

SetStretchBltMode
GetPixel
GetDeviceCaps
SaveDC
CreatePalette
SelectObject
DeleteObject
SetTextAlign
CreateCompatibleDC
LineTo
CreatePen
RestoreDC
DeleteDC
SetTextColor
SetMapMode
CreateSolidBrush
GetTextMetricsA
GetClipBox
CreateFontIndirectA
GetStockObject
SelectPalette
GetObjectA
PatBlt
SetPixel
RectVisible

user32

GetSystemMetrics
CharNextA
GetDesktopWindow
GetParent
TranslateMessage

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29c6fb885afa5b66c7db3dc244ab2c67

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 80KB - Virtual size: 80KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 11KB - Virtual size: 11KB