a7f2f3d3582494383d67f5249f2ea6c7_JaffaCakes118

General

Target

a7f2f3d3582494383d67f5249f2ea6c7_JaffaCakes118
Size

101KB
MD5

a7f2f3d3582494383d67f5249f2ea6c7
SHA1

7772410238352e4955b32104e7d9cbbbf697ae92
SHA256

73bdf8cf5507a4384a852bb2c0ea6e113513606221e1cd7dafe8141d762deba4
SHA512

77c7df3abc711771080101e3d9e83394c1bbcafe277114475dafc4fb1b045329c9c188c0855f994e54e4bca12c8d79c69c8eac62bb334b6e4d7c6afd64161453
SSDEEP

1536:B0cAlVlVL/YG6rNUCR62ploJR03rSSO3G46otSU7nDP17BvgaxVw:B0Pl3USiloj0jYf77ZZV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7f2f3d3582494383d67f5249f2ea6c7_JaffaCakes118

Files

a7f2f3d3582494383d67f5249f2ea6c7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

46683679d41b02d199386c451209701d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetOEMCP
GetCurrentThreadId
lstrcmpiW
GetACP
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentProcess
GetConsoleOutputCP
IsDebuggerPresent
MulDiv
VirtualAlloc
GetModuleHandleW
CopyFileA
GetStartupInfoA
GetThreadLocale
lstrcmpA
VirtualFree
GetCurrentThread
GetCommandLineA
lstrlenW
GetCommandLineW
GlobalFindAtomW
GetWindowsDirectoryA
SetCurrentDirectoryA
GetModuleHandleA
DeleteFileW
lstrlenA
DeleteFileA
GetVersion
GlobalFindAtomA
RemoveDirectoryW
lstrcmpiA
GetUserDefaultLangID
ExitProcess
RemoveDirectoryA

user32

GetDesktopWindow
GetSystemMetrics
TranslateMessage
GetParent
CharNextA
GetDC

gdi32

SelectObject
LineTo
CreateFontIndirectA
SetTextAlign
RestoreDC
CreatePen
CreateCompatibleDC
GetObjectA
SetTextColor
CreateSolidBrush
RectVisible
DeleteDC
CreatePalette
GetDeviceCaps
GetPixel
GetStockObject
SelectPalette
GetClipBox
SetMapMode
PatBlt
SaveDC
SetStretchBltMode
DeleteObject
GetTextMetricsA
GetNearestPaletteIndex

glu32

gluQuadricCallback

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46683679d41b02d199386c451209701d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 63KB - Virtual size: 63KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 63KB - Virtual size: 63KB

.rsrc
Size: 15KB - Virtual size: 15KB