883bf94aa789aa533725ea77c993a7a2_JaffaCakes118

General

Target

883bf94aa789aa533725ea77c993a7a2_JaffaCakes118
Size

111KB
MD5

883bf94aa789aa533725ea77c993a7a2
SHA1

ee2cbd469b9cc985d1b19d5619ae2155fc21854c
SHA256

e5341094f0e34f6da32cbd1015664f6520d249a4bc50550fa2c8eaa896561731
SHA512

2ecafd9b91120ab938982d202722883fc84e370d910a203476e2fdd73bc191a55bb8a4dc7605d88e958677a80e5d32fdfbf69a3e32a491244391ca98dace37f4
SSDEEP

1536:ghxKEtnly8oDTvMfnVyakxBrvH9xyu6oQJUt5ggN20ZKHvj2lZDRvT:ghMOlAHvMfwakLT9xrFQIRI7CZDRv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
883bf94aa789aa533725ea77c993a7a2_JaffaCakes118

Files

883bf94aa789aa533725ea77c993a7a2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6b61113c7f01f71056df1395a11aac51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetCurrentThread
GlobalFindAtomW
GetCurrentProcess
DeleteFileW
GetConsoleOutputCP
lstrlenW
GetDriveTypeA
IsDebuggerPresent
VirtualAlloc
CopyFileA
GetTickCount
lstrcmpiA
GetModuleHandleA
lstrcmpiW
VirtualFree
GetStartupInfoA
RemoveDirectoryA
GetWindowsDirectoryA
MulDiv
GetUserDefaultLangID
GlobalFindAtomA
GetACP
GetModuleHandleW
RemoveDirectoryW
GetCommandLineA
lstrlenA
GetThreadLocale
GetVersion
GetCurrentThreadId
GetCommandLineW
QueryPerformanceCounter
GetCurrentProcessId
GetProcessHeap
SetCurrentDirectoryA
DeleteFileA

gdi32

GetDeviceCaps
GetStockObject
CreateCompatibleDC
GetObjectA
SetMapMode
SetTextAlign
DeleteDC
RestoreDC
GetTextMetricsA
SaveDC
GetPixel
CreatePalette
GetClipBox
CreateFontIndirectA
SelectObject
RectVisible
SelectPalette
SetStretchBltMode
CreateSolidBrush
PatBlt
CreatePen
SetTextColor
LineTo
SetPixel
DeleteObject

user32

CharNextA
GetSystemMetrics
GetDesktopWindow
GetParent
TranslateMessage

glu32

gluQuadricCallback

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b61113c7f01f71056df1395a11aac51

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 10KB - Virtual size: 10KB