81f1883e0e51ab9025fdca90d00808a3_JaffaCakes118

General

Target

81f1883e0e51ab9025fdca90d00808a3_JaffaCakes118
Size

99KB
MD5

81f1883e0e51ab9025fdca90d00808a3
SHA1

01c0e7a15aa404052b488b90743e19e905b06fa1
SHA256

d8986c22a9bb0c9245b1bd239d0acf871cef5f157577194ee584f61ca912823f
SHA512

110d8d566f3cd8f7d195be965c105238818f96726a47a9a183f943e762a0fd2ddba2e1040872c44875fe167a3fa14533997b10f6444b854c12c6bb18b17b0eef
SSDEEP

1536:iR33SNH2aRwGl9E8bTFu2hz+xnnh5ANhpB+oqdWCSwNWRc2b4:I33aRZkiFzhz+xnh5s+oqdqqWRNb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81f1883e0e51ab9025fdca90d00808a3_JaffaCakes118

Files

81f1883e0e51ab9025fdca90d00808a3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c77076000a74c41d03b199bf1ea832e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
GetDC
CharNextA
GetSystemMetrics
GetDesktopWindow
TranslateMessage

kernel32

GetProcessHeap
GetConsoleOutputCP
lstrlenW
GetThreadLocale
GetWindowsDirectoryA
GetUserDefaultLangID
GetCurrentThreadId
GetOEMCP
IsDebuggerPresent
GetCurrentThread
CopyFileA
lstrlenA
MulDiv
GetCurrentProcess
GetDriveTypeA
GetCommandLineA
lstrcmpiW
SetCurrentDirectoryA
lstrcmpiA
GetModuleHandleW
GetStartupInfoA
DeleteFileA
GlobalFindAtomW
GetACP
DeleteFileW
GetModuleHandleA
GetTickCount
lstrcmpA
RemoveDirectoryA
QueryPerformanceCounter
RemoveDirectoryW
GetCommandLineW
GetCurrentProcessId
ExitProcess
GetVersion
VirtualAlloc
VirtualFree
GlobalFindAtomA

gdi32

DeleteObject
RestoreDC
CreateSolidBrush
CreatePen
RectVisible
PatBlt
DeleteDC
SelectObject
CreateCompatibleDC
GetObjectA
LineTo
GetStockObject
CreatePalette
GetTextMetricsA
SelectPalette
SetTextColor
GetClipBox
GetDeviceCaps
SaveDC
GetPixel
CreateFontIndirectA
SetStretchBltMode
SetMapMode
SetTextAlign
GetNearestPaletteIndex

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c77076000a74c41d03b199bf1ea832e4

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 65KB - Virtual size: 65KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 65KB - Virtual size: 65KB

.rsrc
Size: 12KB - Virtual size: 11KB