875a91de595b66eb005f1fbbc086697f_JaffaCakes118

General

Target

875a91de595b66eb005f1fbbc086697f_JaffaCakes118
Size

105KB
MD5

875a91de595b66eb005f1fbbc086697f
SHA1

a0dd318e7c3753ddadee004d7923f351d8123a67
SHA256

cc0737acadf5c124a53277c0ae8f7a96fb4fc6e9b8283bc27cfd2bb987df2cf4
SHA512

c7ad21d307c9d341cacd4c27b11ec8c92888666e285480be8d5908fb4e28852bcd83fbfd0ca308b16044e49e4e54c911f39c8202bc208a9b0f0fd081d7cd1c89
SSDEEP

1536:8NyqJ2XgxUpZUP7zvYlfIn+uB4mPyiK3SGR9PW2TBRyWF1sNeRY9nD6Tif8WKyO8:+12XvpZxlmsmUwCjyC3RuDYWKlSaz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
875a91de595b66eb005f1fbbc086697f_JaffaCakes118

Files

875a91de595b66eb005f1fbbc086697f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

aa3226f4fcc9df6aed08fec1b91034c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
GetCurrentThreadId
GetConsoleOutputCP
DeleteFileW
lstrcmpiA
GlobalFindAtomW
DeleteFileA
GetStartupInfoA
RemoveDirectoryW
lstrcmpiW
SetCurrentDirectoryA
GetWindowsDirectoryA
GetOEMCP
GetUserDefaultLangID
GetCurrentProcess
lstrlenA
GlobalFindAtomA
GetCommandLineW
GetModuleHandleW
GetCommandLineA
ExitProcess
MulDiv
GetACP
IsDebuggerPresent
lstrcmpA
GetDriveTypeA
GetCurrentProcessId
lstrlenW
GetTickCount
GetCurrentThread
RemoveDirectoryA
GetThreadLocale
GetVersion
GetProcessHeap
CopyFileA
VirtualAlloc
VirtualFree

gdi32

GetTextMetricsA
GetPixel
SaveDC
GetObjectA
DeleteObject
SelectPalette
PatBlt
CreateFontIndirectA
SetTextColor
GetDeviceCaps
CreateSolidBrush
GetNearestPaletteIndex
RestoreDC
LineTo
SelectObject
SetStretchBltMode
CreateCompatibleDC
CreatePen
SetMapMode
RectVisible
CreatePalette
GetClipBox
GetStockObject
DeleteDC
SetTextAlign

user32

GetDesktopWindow
GetDC
GetSystemMetrics
TranslateMessage
CharNextA
GetParent

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa3226f4fcc9df6aed08fec1b91034c5

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 72KB - Virtual size: 72KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 72KB - Virtual size: 72KB

.rsrc
Size: 11KB - Virtual size: 11KB