b24189d2912cdfa88a16ad0beed15005_JaffaCakes118

General

Target

b24189d2912cdfa88a16ad0beed15005_JaffaCakes118
Size

116KB
MD5

b24189d2912cdfa88a16ad0beed15005
SHA1

d16aeca71f30ddf609ea5abf17a4de89389ae0b8
SHA256

afd1932ef560600f58821f4fa82ee312f064f9840de6a21d46e0a32a279b53f2
SHA512

eb81fd234d3ba0ff10f7798c84c5b9db6c5dfb1b5f73581661ac3302e042bd693cdd17f99814f89128e133016c1d94b3a772543a87e5c01e8c5c5bd43e4f6a15
SSDEEP

1536:e9EL4TUSNs2KdTAleLrbO3xWM0OtmHMsfm7ZWV/sbNBm9j2jg/wV7MxvBFnoqfa:eZopsoLrbg0VhE/k9j2jn7MxJFnoqf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b24189d2912cdfa88a16ad0beed15005_JaffaCakes118

Files

b24189d2912cdfa88a16ad0beed15005_JaffaCakes118
.exe windows:5 windows x86 arch:x86

54c2fb8f740f737f87d92820803e15f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
GetDesktopWindow
TranslateMessage
GetParent
CharNextA

kernel32

GetACP
DeleteFileA
GetThreadLocale
GetWindowsDirectoryA
VirtualAlloc
GetCurrentProcessId
VirtualFree
GetModuleHandleA
lstrcmpiA
MulDiv
GetCurrentThread
GetConsoleOutputCP
GetStartupInfoA
lstrlenW
GetOEMCP
GetDriveTypeA
GetTickCount
lstrcmpiW
RemoveDirectoryA
GetVersion
lstrcmpA
RemoveDirectoryW
GetUserDefaultLangID
DeleteFileW
IsDebuggerPresent
GetCommandLineA
GetProcessHeap
QueryPerformanceCounter
GlobalFindAtomW
GlobalFindAtomA
GetCommandLineW
lstrlenA
GetModuleHandleW
SetCurrentDirectoryA
CopyFileA
GetCurrentThreadId
GetCurrentProcess

gdi32

SetTextColor
GetClipBox
LineTo
GetObjectA
SaveDC
CreateCompatibleDC
RectVisible
GetStockObject
CreatePen
CreatePalette
RestoreDC
CreateFontIndirectA
SelectPalette
DeleteObject
PatBlt
SetPixel
CreateSolidBrush
GetTextMetricsA
SetMapMode
GetDeviceCaps
SelectObject
SetTextAlign
SetStretchBltMode
DeleteDC
GetPixel

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54c2fb8f740f737f87d92820803e15f5

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 80KB - Virtual size: 79KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 80KB - Virtual size: 79KB

.rsrc
Size: 15KB - Virtual size: 14KB