a3f6052c0b249d8d60b55df45fe1bd08_JaffaCakes118

General

Target

a3f6052c0b249d8d60b55df45fe1bd08_JaffaCakes118
Size

94KB
MD5

a3f6052c0b249d8d60b55df45fe1bd08
SHA1

ed5f871820e52e7d62585ed7433a5efd79b90040
SHA256

17e95fb2aab25445f162d6696ef71d870f95ebc329958edf0957112250e0f9e5
SHA512

217f0071a75eef96384ed6d794a5e80800d422a71805b64924970d72d0751502bd26efc34133dac4aa3ee64ae6f0491194079327e3cf3d45b2e829b4c4ce4e06
SSDEEP

1536:xh4Hv9vMAPwGFWdYI5QvnD8l+jzZdHyuDLhdf3CeVWyu1KPE/:x4MVenI5QfD8l+XLDLhVky5PE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3f6052c0b249d8d60b55df45fe1bd08_JaffaCakes118

Files

a3f6052c0b249d8d60b55df45fe1bd08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ca661708dc9c58a9a9fadb7726bc984

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleOutputCP
RemoveDirectoryA
GetACP
CopyFileA
GetCurrentProcess
GetCurrentProcessId
GetDriveTypeA
DeleteFileA
lstrlenW
GlobalFindAtomA
GetModuleHandleA
GetModuleHandleW
SetCurrentDirectoryA
lstrlenA
GetCommandLineA
GetStartupInfoA
lstrcmpA
lstrcmpiA
GetTickCount
GetCurrentThreadId
MulDiv
DeleteFileW
GlobalFindAtomW
GetProcessHeap
IsDebuggerPresent
GetCommandLineW
GetCurrentThread
GetVersion
GetOEMCP
QueryPerformanceCounter
GetWindowsDirectoryA
RemoveDirectoryW
GetThreadLocale
GetUserDefaultLangID
lstrcmpiW
ExitProcess
VirtualAlloc
VirtualFree

user32

TranslateMessage
GetParent
GetSystemMetrics
GetDC
GetDesktopWindow
CharNextA

gdi32

CreatePalette
GetDeviceCaps
DeleteDC
DeleteObject
GetObjectA
GetTextMetricsA
CreatePen
PatBlt
CreateCompatibleDC
SetTextColor
SaveDC
GetPixel
SetTextAlign
CreateSolidBrush
GetClipBox
SelectPalette
LineTo
SetMapMode
GetStockObject
RectVisible
SetStretchBltMode
RestoreDC
CreateFontIndirectA
GetNearestPaletteIndex
SelectObject

glu32

gluQuadricCallback

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ca661708dc9c58a9a9fadb7726bc984

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 63KB - Virtual size: 62KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 63KB - Virtual size: 62KB

.rsrc
Size: 11KB - Virtual size: 10KB