8df8db32de236fd051ee63f28811eb94_JaffaCakes118

General

Target

8df8db32de236fd051ee63f28811eb94_JaffaCakes118
Size

100KB
MD5

8df8db32de236fd051ee63f28811eb94
SHA1

82f9fc744d9fd9953bd244ae14d28a5c505d7b7d
SHA256

0d6d56bc529f1723c3e4d1c3eb1eaf6713668dca89ff745850c0da114288c99e
SHA512

daf304ce14920d3f1fd0d36a04000e3b834fd1aaa0d457ea43502804017b5e3076af5516a06b7e045c98651f5e9e1cbc56fd4e44b91288fd2e40a1753f03045d
SSDEEP

1536:2UFzjFrSL1O/jE7BK4iqyTC9O45HZBjUz9FgxriiiQ9S6L5GdS:B1rSaKViqfO4555ifgxuLQ9ZId

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8df8db32de236fd051ee63f28811eb94_JaffaCakes118

Files

8df8db32de236fd051ee63f28811eb94_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5413faf0dc6080df4c63cad7444c61e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
GetThreadLocale
IsDebuggerPresent
GetUserDefaultLangID
RemoveDirectoryA
GetDriveTypeA
GetCurrentProcess
MulDiv
GetCurrentThread
GetCurrentProcessId
lstrlenW
lstrcmpiW
GetVersion
GetConsoleOutputCP
SetCurrentDirectoryA
lstrlenA
lstrcmpA
GetCommandLineA
GetCurrentThreadId
DeleteFileA
GetStartupInfoA
GlobalFindAtomA
GetCommandLineW
RemoveDirectoryW
GlobalFindAtomW
GetOEMCP
DeleteFileW
GetModuleHandleW
ExitProcess
GetProcessHeap
GetModuleHandleA
lstrcmpiA
GetWindowsDirectoryA
GetACP
GetTickCount
VirtualAlloc
VirtualFree
QueryPerformanceCounter

user32

TranslateMessage
GetDesktopWindow
CharNextA
GetDC
GetSystemMetrics
GetParent

gdi32

GetObjectA
DeleteObject
CreateSolidBrush
CreateFontIndirectA
RectVisible
GetDeviceCaps
RestoreDC
SelectObject
GetPixel
SetTextAlign
SetStretchBltMode
DeleteDC
GetClipBox
GetTextMetricsA
PatBlt
GetStockObject
CreateCompatibleDC
SetMapMode
SaveDC
CreatePen
GetNearestPaletteIndex
SelectPalette
SetTextColor
LineTo
CreatePalette

glu32

gluQuadricCallback

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5413faf0dc6080df4c63cad7444c61e0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 68KB - Virtual size: 67KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 68KB - Virtual size: 67KB

.rsrc
Size: 12KB - Virtual size: 11KB