84764bdafd0162ce7d785842264385e9_JaffaCakes118

General

Target

84764bdafd0162ce7d785842264385e9_JaffaCakes118
Size

169KB
MD5

84764bdafd0162ce7d785842264385e9
SHA1

7c911e4eedbbb41fe159975e2c2df4273c6352ea
SHA256

c08caddb4ac8f5f11ff8fc2e14365f5070493802e69739742b1daa659416f718
SHA512

118df88f564eec1970f890662e4713742238b70ecad7e1d7af6f0986bc6193ee2189b235f2be6a39b930134b27db92a71dbee454242ec50dab8bd17934409fdb
SSDEEP

3072:62U3nsrUX3slnjBXzi7ux++5P+Cnf7HkFtAWuZwEndVO7w:6HYXziKxrp+S7HzH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84764bdafd0162ce7d785842264385e9_JaffaCakes118

Files

84764bdafd0162ce7d785842264385e9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9b07638155e74a7a08db1556739e488a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetVersion
GetCurrentThread
GetConsoleOutputCP
GetProcessHeap
CopyFileA
MulDiv
GlobalFindAtomW
QueryPerformanceCounter
lstrcmpA
RemoveDirectoryA
GetModuleHandleA
GetACP
GetCurrentThreadId
GetStartupInfoA
IsDebuggerPresent
GlobalFindAtomA
GetThreadLocale
GetDriveTypeA
GetCurrentProcess
GetModuleHandleW
SetCurrentDirectoryA
GetCurrentProcessId
lstrcmpiW
GetTickCount
GetCommandLineA
DeleteFileA
DeleteFileW
lstrlenA
lstrlenW
VirtualAlloc
VirtualFree
GetWindowsDirectoryA
GetUserDefaultLangID
lstrcmpiA

gdi32

RestoreDC
GetObjectA
SetTextColor
GetStockObject
SelectPalette
GetPixel
SetMapMode
SetTextAlign
RectVisible
CreateSolidBrush
SetStretchBltMode
GetTextMetricsA
SelectObject
GetDeviceCaps
GetClipBox
LineTo
SaveDC
DeleteObject
CreatePalette
DeleteDC
CreatePen
PatBlt
CreateFontIndirectA
CreateCompatibleDC

user32

GetParent
TranslateMessage
CharNextA
GetSystemMetrics
GetDesktopWindow
GetDC

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Loex. Yc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Upqlfk X
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b07638155e74a7a08db1556739e488a

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Loex. Yc Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 26KB

Upqlfk X Size: 512B - Virtual size: 4KB

.data Size: 99KB - Virtual size: 98KB

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 11KB - Virtual size: 10KB

Loex. Yc
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 26KB

Upqlfk X
Size: 512B - Virtual size: 4KB

.data
Size: 99KB - Virtual size: 98KB

.rsrc
Size: 31KB - Virtual size: 30KB