a46007d7cf05bceff187a8d674b36cf7_JaffaCakes118

General

Target

a46007d7cf05bceff187a8d674b36cf7_JaffaCakes118
Size

101KB
MD5

a46007d7cf05bceff187a8d674b36cf7
SHA1

dbef697743430b48048ac37db95756bd03115971
SHA256

152275f065f92f6d3b8bbe6fe1f1d149006534de96cff6eb9beabe3a19a22aed
SHA512

56ffffec1d4060cfadfbe0aafe98efb757079ca6ad347a1e2ec2347b3a77c2881b046e940549f21adb97c63864c67dd5c3010266c7abd469b435f251dede717d
SSDEEP

1536:z2aElAEWAcjDZEn9DQoLB+AUAaum+jbUcIST9zAhR2:z2aE+EWAkoDNCAaE7ISCy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a46007d7cf05bceff187a8d674b36cf7_JaffaCakes118

Files

a46007d7cf05bceff187a8d674b36cf7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f26005b5896f87a6dd744765df9e9ee6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
SetCurrentDirectoryA
lstrcmpiA
DeleteFileA
GetCurrentThreadId
GetCurrentProcess
GetDriveTypeA
lstrcmpA
QueryPerformanceCounter
GetConsoleOutputCP
IsDebuggerPresent
GetCurrentProcessId
GetModuleHandleA
GetProcessHeap
DeleteFileW
GetThreadLocale
GetCommandLineA
CopyFileA
GetWindowsDirectoryA
RemoveDirectoryW
GetCommandLineW
GetOEMCP
lstrlenW
GetStartupInfoA
GetTickCount
RemoveDirectoryA
GetModuleHandleW
GetACP
lstrcmpiW
ExitProcess
GlobalFindAtomW
GlobalFindAtomA
MulDiv
GetCurrentThread
GetUserDefaultLangID
VirtualAlloc
GetVersion
VirtualFree

gdi32

RectVisible
SelectPalette
LineTo
SetTextColor
GetStockObject
SetTextAlign
SaveDC
GetObjectA
CreatePalette
GetClipBox
DeleteDC
GetPixel
CreateSolidBrush
SetStretchBltMode
PatBlt
SetMapMode
GetDeviceCaps
GetTextMetricsA
CreateCompatibleDC
SelectObject
GetNearestPaletteIndex
CreateFontIndirectA
DeleteObject
RestoreDC
CreatePen

user32

GetDesktopWindow
GetDC
GetParent
GetSystemMetrics
CharNextA
TranslateMessage

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f26005b5896f87a6dd744765df9e9ee6

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 67KB - Virtual size: 66KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 67KB - Virtual size: 66KB

.rsrc
Size: 12KB - Virtual size: 12KB