c12c4f9ec12370d5582e8b92d0613226_JaffaCakes118

General

Target

c12c4f9ec12370d5582e8b92d0613226_JaffaCakes118
Size

64KB
MD5

c12c4f9ec12370d5582e8b92d0613226
SHA1

32f2b8c918713311464f09e3fc5fffe5649232b4
SHA256

fef20e8d094cf57298dc14df6a1d70cc486f97bda49d98eebb33640a85e720c8
SHA512

478d756e4010258e0fb58c11ef801220fe3b31be4f8c2236ce5e78b1adf9bc10a1eadda2f81551f72bb2b20fe010303add115a223de6c0561313c40b7a0200fc
SSDEEP

1536:hDwC8nHvA8Lhg108zpCCXLlD3qC9j+d/8:YPA8eWC44+C9jI/8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c12c4f9ec12370d5582e8b92d0613226_JaffaCakes118

Files

c12c4f9ec12370d5582e8b92d0613226_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6db67ef5c69055f1cbdeaaa9a463caa7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
GetParent
CharNextA
GetDesktopWindow
GetSystemMetrics

gdi32

SetTextColor
GetClipBox
SelectPalette
SetStretchBltMode
SaveDC
RestoreDC
CreateSolidBrush
SetTextAlign
GetPixel
CreatePalette
PatBlt
SelectObject
DeleteObject
GetTextMetricsA
RectVisible
DeleteDC
GetDeviceCaps
CreateFontIndirectA
GetObjectA
CreatePen
SetMapMode
SetPixel
LineTo
CreateCompatibleDC

kernel32

GetStartupInfoA
GetTickCount
GetCurrentThreadId
GetDriveTypeA
GetWindowsDirectoryA
GetUserDefaultLangID
DeleteFileW
QueryPerformanceCounter
lstrcmpiW
lstrlenA
GetVersion
GetCurrentThread
GlobalFindAtomW
GetACP
lstrlenW
GlobalFindAtomA
MulDiv
GetCurrentProcessId
RemoveDirectoryA
GetCommandLineW
SetCurrentDirectoryA
IsDebuggerPresent
GetModuleHandleA
DeleteFileA
GetThreadLocale
CopyFileA
GetOEMCP
GetConsoleOutputCP
GetProcessHeap
RemoveDirectoryW
lstrcmpA
GetCommandLineA
GetCurrentProcess
GetModuleHandleW
lstrcmpiA
VirtualAlloc
VirtualFree

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6db67ef5c69055f1cbdeaaa9a463caa7

Headers

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 12KB - Virtual size: 11KB