859b0538271dc408070e91f0695cdbe4_JaffaCakes118

General

Target

859b0538271dc408070e91f0695cdbe4_JaffaCakes118
Size

111KB
MD5

859b0538271dc408070e91f0695cdbe4
SHA1

8cfdc768ab0ef7224ea694a5d7db629942e79321
SHA256

818c3251143f6e8941cf04f95cbfe13658bca81c42c4571d886459063eb3a211
SHA512

f83766e5911c6f3e1aa6b38744bcc3e6c2d1ba38bf42b7fc3f6c64b8c6baf2bbf341f5c1da172e382cd7daadfd823ce544d881b55e9cfc9248aeda2befd798cd
SSDEEP

1536:XSebtaotDq8j+NSgzd6lHSaxR9bRk6I6BkldV2UrZW9I:C4YN7h6lH/bHITldvrZz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
859b0538271dc408070e91f0695cdbe4_JaffaCakes118

Files

859b0538271dc408070e91f0695cdbe4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ae0eb6c869d2da076927018ad5cf9ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomA
GetCommandLineA
QueryPerformanceCounter
GetProcessHeap
GetVersion
CopyFileA
GetConsoleOutputCP
GetModuleHandleW
GetCurrentThread
GetStartupInfoA
GetDriveTypeA
GetCurrentProcessId
GetThreadLocale
lstrcmpiW
GetModuleHandleA
DeleteFileA
GetCommandLineW
RemoveDirectoryA
SetCurrentDirectoryA
lstrlenA
GetCurrentThreadId
DeleteFileW
lstrlenW
GetWindowsDirectoryA
MulDiv
GetCurrentProcess
lstrcmpiA
GetACP
GetOEMCP
VirtualAlloc
IsDebuggerPresent
VirtualFree
GlobalFindAtomW
lstrcmpA
GetTickCount
GetUserDefaultLangID
RemoveDirectoryW

gdi32

CreateFontIndirectA
GetStockObject
CreateCompatibleDC
CreatePen
DeleteObject
SelectObject
SetTextColor
SaveDC
DeleteDC
LineTo
PatBlt
SetTextAlign
RectVisible
GetObjectA
RestoreDC
CreatePalette
SetMapMode
GetClipBox
GetPixel
SetStretchBltMode
SelectPalette
GetDeviceCaps
GetTextMetricsA
SetPixel
CreateSolidBrush

user32

CharNextA
GetParent
GetSystemMetrics
GetDesktopWindow
TranslateMessage

glu32

gluQuadricCallback

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ae0eb6c869d2da076927018ad5cf9ba

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 11KB - Virtual size: 11KB