b32f552ba37bda4dc0380f643e042870_JaffaCakes118

General

Target

b32f552ba37bda4dc0380f643e042870_JaffaCakes118
Size

111KB
MD5

b32f552ba37bda4dc0380f643e042870
SHA1

71db11f1e95ef9ef4c8f440852137df52a019903
SHA256

186b1e31827f1c34e6be54cd508b8c1b48027c949663b970ce498243b475e8f4
SHA512

4adef4a62ac161388b30fe5cd532a9840f3d3329be12381c99c7c24aebe5feaf867d3358ed5c0f61152af878ea5203f7e1cbd871d4b3a39ecd56d74a0d184ff3
SSDEEP

3072:OTVjh1l3TrLOgCECkcXySNVjXpr8dFCxBS4rFzay0I3Z:OTp/l33L7CKI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b32f552ba37bda4dc0380f643e042870_JaffaCakes118

Files

b32f552ba37bda4dc0380f643e042870_JaffaCakes118
.exe windows:4 windows x86 arch:x86

17280b09f327b696afdfec10dc033677

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
CopyFileA
GetCurrentThreadId
IsDebuggerPresent
GetCurrentThread
RemoveDirectoryA
MulDiv
lstrcmpiW
lstrcmpiA
DeleteFileW
GetCommandLineW
GetProcessHeap
GetWindowsDirectoryA
GetDriveTypeA
GetCurrentProcessId
GetConsoleOutputCP
lstrcmpA
GetModuleHandleW
GetCurrentProcess
DeleteFileA
RemoveDirectoryW
GetVersion
GetTickCount
GetCommandLineA
GetACP
GetUserDefaultLangID
GetThreadLocale
GlobalFindAtomA
GetOEMCP
lstrlenW
QueryPerformanceCounter
GetModuleHandleA
SetCurrentDirectoryA
GetStartupInfoA
GlobalFindAtomW
VirtualAlloc
VirtualFree

user32

GetSystemMetrics
CharNextA
GetDesktopWindow
TranslateMessage
GetParent

gdi32

DeleteDC
RectVisible
GetObjectA
SetTextColor
GetStockObject
SelectObject
LineTo
GetPixel
CreatePen
SetMapMode
SetPixel
GetClipBox
CreateCompatibleDC
GetDeviceCaps
CreateSolidBrush
SetStretchBltMode
SaveDC
CreateFontIndirectA
SelectPalette
PatBlt
DeleteObject
CreatePalette
SetTextAlign
RestoreDC

glu32

gluQuadricCallback

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

17280b09f327b696afdfec10dc033677

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 78KB - Virtual size: 78KB

.rsrc Size: 12KB - Virtual size: 40KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 78KB - Virtual size: 78KB

.rsrc
Size: 12KB - Virtual size: 40KB