b5ef7da8073ba987e4b4e23644e9407d_JaffaCakes118

General

Target

b5ef7da8073ba987e4b4e23644e9407d_JaffaCakes118
Size

103KB
MD5

b5ef7da8073ba987e4b4e23644e9407d
SHA1

324e0914ce83c3c18a4bf3f95221b60cd7d19c84
SHA256

c536ce17d0fad31426a59d67fe718d97299784affa8721de9d0d850dcb2aec57
SHA512

b7e7a005ae4fe20a73a7a08d2dd6bdb560d37b9a4e2768fe3438c30a6562356c31045efe05f025d82204b4a2598100e668532affd047d350de02a3b6a66d38be
SSDEEP

1536:GneWR3yiWHr3Dx4u1Z9h5zl01Fb8F7Cauh/arz5foU/j3YPiRDno6Z7EJg6:GeQ3yiy9T5zl01ZiC/hiXFz/jIeo3J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5ef7da8073ba987e4b4e23644e9407d_JaffaCakes118

Files

b5ef7da8073ba987e4b4e23644e9407d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

562e430be56868217ed0a0dc398fec3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetStartupInfoA
lstrlenA
GetThreadLocale
GetCommandLineA
GetOEMCP
GetModuleHandleW
QueryPerformanceCounter
lstrcmpiW
SetCurrentDirectoryA
lstrcmpA
lstrlenW
DeleteFileA
RemoveDirectoryA
GlobalFindAtomW
GetConsoleOutputCP
GetModuleHandleA
RemoveDirectoryW
GetVersion
GetUserDefaultLangID
GetCurrentProcessId
GetCommandLineW
lstrcmpiA
GetWindowsDirectoryA
GetCurrentProcess
ExitProcess
GetDriveTypeA
IsDebuggerPresent
GetProcessHeap
DeleteFileW
GetTickCount
GetCurrentThread
GlobalFindAtomA
MulDiv
CopyFileA
GetCurrentThreadId
VirtualAlloc
VirtualFree

user32

CharNextA
GetDC
GetSystemMetrics
GetParent
TranslateMessage
GetDesktopWindow

gdi32

SetStretchBltMode
SetTextColor
DeleteDC
PatBlt
RectVisible
CreateCompatibleDC
CreatePalette
CreateFontIndirectA
SetMapMode
CreatePen
SelectObject
GetPixel
CreateSolidBrush
GetClipBox
SelectPalette
DeleteObject
GetNearestPaletteIndex
SetTextAlign
GetStockObject
GetTextMetricsA
GetDeviceCaps
RestoreDC
GetObjectA
LineTo
SaveDC

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

562e430be56868217ed0a0dc398fec3c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 66KB - Virtual size: 66KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 66KB - Virtual size: 66KB

.rsrc
Size: 15KB - Virtual size: 15KB