8d7f144acd712fc252c60a4990c0d76a_JaffaCakes118

General

Target

8d7f144acd712fc252c60a4990c0d76a_JaffaCakes118
Size

111KB
MD5

8d7f144acd712fc252c60a4990c0d76a
SHA1

4315204cdec18db6cad3f3c94f5ee33da34718e1
SHA256

c99a866629341b35f80f8ae4e493ee617a38d4aa4ab517fa79e0672953ddc6cb
SHA512

c0022cbb515fcd2bf465652989a1958ec5b9b06b7052d54324e72e2dedc8a3ad2a1ceb29ef281de416fef3e1324359ea35e1a86d0cb2bdc134800f6306af7843
SSDEEP

1536:XMt1XA7DdU+c1g25KLfk4zYhG7J81gcNeAjDkFYbH3XzxGTqr0jc4:XS+7Y1goKYhG7JSNdfbHzxGTvjc4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d7f144acd712fc252c60a4990c0d76a_JaffaCakes118

Files

8d7f144acd712fc252c60a4990c0d76a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7735fe64098610fd664cbe17b41679f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateFontIndirectA
GetTextMetricsA
GetClipBox
SetTextAlign
CreateCompatibleDC
GetObjectA
GetPixel
SelectPalette
LineTo
CreatePen
GetDeviceCaps
CreatePalette
SetMapMode
DeleteDC
DeleteObject
SelectObject
PatBlt
RestoreDC
SetTextColor
SetStretchBltMode
SetPixel
RectVisible
CreateSolidBrush
GetStockObject
SaveDC

kernel32

GetCommandLineA
GetCurrentProcessId
GlobalFindAtomW
GetACP
GetUserDefaultLangID
lstrcmpiW
GetCommandLineW
GetStartupInfoA
GetConsoleOutputCP
lstrlenA
GetDriveTypeA
GetVersion
GetModuleHandleW
RemoveDirectoryA
GetTickCount
QueryPerformanceCounter
SetCurrentDirectoryA
IsDebuggerPresent
GetWindowsDirectoryA
GetThreadLocale
GlobalFindAtomA
DeleteFileA
GetModuleHandleA
MulDiv
GetCurrentProcess
lstrcmpiA
GetOEMCP
GetProcessHeap
RemoveDirectoryW
DeleteFileW
CopyFileA
GetCurrentThreadId
GetCurrentThread
lstrcmpA
lstrlenW
VirtualAlloc
VirtualFree

user32

CharNextA
GetParent
TranslateMessage
GetDesktopWindow
GetSystemMetrics

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wybzpmo
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7735fe64098610fd664cbe17b41679f3

Headers

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 11KB - Virtual size: 39KB

wybzpmo Size: - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 11KB - Virtual size: 39KB

wybzpmo
Size: - Virtual size: 4KB