ad4476e91b603385ca3a5e89f950631c_JaffaCakes118

General

Target

ad4476e91b603385ca3a5e89f950631c_JaffaCakes118
Size

168KB
MD5

ad4476e91b603385ca3a5e89f950631c
SHA1

0fcc148a64cca648a62fceeb79823c3a7e21fc63
SHA256

da32fbff22af602bd23b9048e0e31d364e7ff2f9092d2a4891676b798789cb9d
SHA512

e758a7ec27f78d11a24dc3bf9937d42ac191793910872937509d24c84a9bd22b8fd27b691c60a3eac03aa8bf5a6d4da916e8e142a48ad52673bd438b2391fbc0
SSDEEP

3072:Wb3r89/VtJxbVohVmxslI3hEREVLunwhq12nt5nKo37ME:W38p5xb6wslEERILlTrKuME

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad4476e91b603385ca3a5e89f950631c_JaffaCakes118

Files

ad4476e91b603385ca3a5e89f950631c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3b5763e56afd88c6a720e52ba4feb03c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetObjectA
LineTo
SetMapMode
DeleteObject
RestoreDC
GetDeviceCaps
SelectObject
SetTextAlign
CreatePen
GetClipBox
CreatePalette
SetStretchBltMode
CreateCompatibleDC
SelectPalette
GetPixel
CreateFontIndirectA
GetTextMetricsA
GetStockObject
SaveDC
DeleteDC
RectVisible
CreateSolidBrush
SetTextColor
PatBlt

user32

TranslateMessage
CharNextA
GetDesktopWindow
GetSystemMetrics
GetDC
GetParent

kernel32

GetModuleHandleA
lstrlenW
lstrcmpiA
GlobalFindAtomW
VirtualAlloc
GetCurrentThread
DeleteFileW
GetVersion
VirtualFree
GetWindowsDirectoryA
DeleteFileA
GetStartupInfoA
GetUserDefaultLangID
GetDriveTypeA
GetModuleHandleW
GetConsoleOutputCP
GetCurrentProcess
RemoveDirectoryA
QueryPerformanceCounter
GlobalFindAtomA
GetACP
GetProcessHeap
CopyFileA
IsDebuggerPresent
GetThreadLocale
MulDiv
GetCurrentProcessId
GetCommandLineW
GetOEMCP
lstrcmpA
GetTickCount
GetCurrentThreadId
lstrcmpiW
SetCurrentDirectoryA

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Iobewe M
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Aqybpvnb
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b5763e56afd88c6a720e52ba4feb03c

Headers

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Iobewe M Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Aqybpvnb Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 10KB - Virtual size: 10KB

Iobewe M
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Aqybpvnb
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 29KB - Virtual size: 29KB