bf11c9de0d8ce8f125945c801bef16ec_JaffaCakes118

General

Target

bf11c9de0d8ce8f125945c801bef16ec_JaffaCakes118
Size

95KB
MD5

bf11c9de0d8ce8f125945c801bef16ec
SHA1

212ef57506477d90d1f8a885ff356991cb528e48
SHA256

2c2080f0c2c9269d06b5e31a63fd4bc7c9e58cabd0859eb662fc4994620626f5
SHA512

dfde4ffb66f430cdf4da0bfa4c7ccc2ed9c6ec79bcca30f1646340cc75840755ce3f10e97c0886f97b818618d46963ed62431b27fc9709ecdff3e77bbca96f97
SSDEEP

1536:5jjjkJI5hA/v3YMZPFoHZ2pOi7fL7kRH48XMSDa3DnRAV+w:5jHkchA4ENoSOi7z7kRHeOa3tBw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf11c9de0d8ce8f125945c801bef16ec_JaffaCakes118

Files

bf11c9de0d8ce8f125945c801bef16ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c3896375b6ba15fb9b6c9491e51d9c3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleOutputCP
MulDiv
GetTickCount
SetCurrentDirectoryA
GetVersion
GetThreadLocale
lstrcmpiW
GetOEMCP
GetStartupInfoA
lstrcmpA
GetCurrentProcessId
GetACP
GetCommandLineA
QueryPerformanceCounter
GetCurrentProcess
GetUserDefaultLangID
GetCommandLineW
lstrlenW
GetDriveTypeA
RemoveDirectoryA
GetModuleHandleA
CopyFileA
lstrlenA
lstrcmpiA
GetWindowsDirectoryA
GetProcessHeap
DeleteFileW
GlobalFindAtomW
DeleteFileA
GetModuleHandleW
GlobalFindAtomA
IsDebuggerPresent
GetCurrentThread
RemoveDirectoryW
GetCurrentThreadId
ExitProcess
VirtualAlloc

gdi32

DeleteDC
RestoreDC
SetTextColor
RectVisible
CreatePalette
SetMapMode
SetStretchBltMode
GetDeviceCaps
PatBlt
LineTo
SelectPalette
GetObjectA
SaveDC
GetClipBox
DeleteObject
SelectObject
CreateSolidBrush
CreateFontIndirectA
CreatePen
GetStockObject
CreateCompatibleDC
GetTextMetricsA
SetTextAlign
GetPixel
GetNearestPaletteIndex

user32

GetDC
GetSystemMetrics
CharNextA
GetDesktopWindow
TranslateMessage
GetParent

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3896375b6ba15fb9b6c9491e51d9c3b

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 59KB - Virtual size: 59KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 59KB - Virtual size: 59KB

.rsrc
Size: 14KB - Virtual size: 14KB