b81806df3828139883fa309e7764ba27_JaffaCakes118

General

Target

b81806df3828139883fa309e7764ba27_JaffaCakes118
Size

114KB
MD5

b81806df3828139883fa309e7764ba27
SHA1

f51c422fbba2f28a5298aadb68e1b54cc848ad1b
SHA256

c02ce6bd2464fef3d8158bc0322864c5e34182ec5fdfa0f7e98f3d9cbb55ab77
SHA512

68b3f1f33f808639a5cafcb75b561259e7cabbc8df77f640ff48275765c3bdc6810e72b8125b4e1100d84b50845c1f7aa68098d01a990fe9176c3fe1e43aa814
SSDEEP

1536:OTfHhU8IWvmGelyfJVsVcjiEKWfVA6J2xMzfO2mEERFT5dceIlRxv2RwxecfY/5X:OTfB1IWxCAqVY7O6JTmEMKpbxRecfY/F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b81806df3828139883fa309e7764ba27_JaffaCakes118

Files

b81806df3828139883fa309e7764ba27_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7f19f5078d7169a0593322a25de43653

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
DeleteFileA
lstrcmpA
GlobalFindAtomW
GetVersion
MulDiv
DeleteFileW
lstrcmpiA
IsDebuggerPresent
SetCurrentDirectoryA
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
QueryPerformanceCounter
GetOEMCP
GetStartupInfoA
GetACP
GlobalFindAtomA
GetProcessHeap
GetCommandLineW
GetCurrentThread
RemoveDirectoryA
GetCurrentProcessId
GetConsoleOutputCP
GetUserDefaultLangID
GetThreadLocale
GetCommandLineA
RemoveDirectoryW
lstrcmpiW
lstrlenA
GetTickCount
lstrlenW
CopyFileA
GetDriveTypeA
VirtualAlloc
VirtualFree
GetWindowsDirectoryA

user32

TranslateMessage
CharNextA
GetParent
GetDesktopWindow
GetSystemMetrics

gdi32

CreateFontIndirectA
GetClipBox
DeleteObject
SelectPalette
GetPixel
CreatePen
SetMapMode
SelectObject
SetTextColor
SetTextAlign
SetStretchBltMode
CreatePalette
GetDeviceCaps
GetStockObject
PatBlt
RectVisible
CreateCompatibleDC
GetTextMetricsA
SaveDC
LineTo
RestoreDC
GetObjectA
CreateSolidBrush
SetPixel
DeleteDC

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7f19f5078d7169a0593322a25de43653

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 14KB - Virtual size: 66KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 14KB - Virtual size: 66KB