c8347f8f1245f299a6228dac4bd97dc3_JaffaCakes118

General

Target

c8347f8f1245f299a6228dac4bd97dc3_JaffaCakes118
Size

112KB
MD5

c8347f8f1245f299a6228dac4bd97dc3
SHA1

99d9c4b5aa34f1d8af25136339f1fd145e41c4ab
SHA256

07f9e0220de416e065173876cf73a692a054ccd7810f92e11f7157491c9243d3
SHA512

d02c8bdee4c2ae2b38a91382b26dbcd7a3f6dbe23931ab78f86d6b54342f4bb7f3bc1c5d586bba7b72d2e56a01be000f51ecafc713897eb32b68ac013390d88b
SSDEEP

1536:HWNqqO5vtVJ5OrlFki+QRJ+ZF/KPqYzoAyA4wGn0E2gjERCFO:PXFVJ+Fki7uBKCYzoVf70wF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8347f8f1245f299a6228dac4bd97dc3_JaffaCakes118

Files

c8347f8f1245f299a6228dac4bd97dc3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e532db1de3c4e4f0734a66fa35fc006d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GlobalFindAtomW
GetWindowsDirectoryA
GetModuleHandleA
DeleteFileA
GetTickCount
GetCurrentProcess
DeleteFileW
GetCurrentThread
QueryPerformanceCounter
GetOEMCP
GetCurrentThreadId
RemoveDirectoryA
lstrlenA
lstrlenW
IsDebuggerPresent
GetVersion
GetProcessHeap
MulDiv
lstrcmpiW
GetThreadLocale
GetConsoleOutputCP
CopyFileA
GetCurrentProcessId
GetACP
GetCommandLineW
SetCurrentDirectoryA
lstrcmpA
GetModuleHandleW
RemoveDirectoryW
GetUserDefaultLangID
lstrcmpiA
GetCommandLineA
GetStartupInfoA
GlobalFindAtomA
VirtualAlloc
VirtualFree

gdi32

DeleteObject
SelectObject
DeleteDC
GetStockObject
CreateSolidBrush
SetMapMode
CreatePen
CreatePalette
SetTextColor
GetDeviceCaps
GetClipBox
SetTextAlign
CreateCompatibleDC
GetObjectA
RectVisible
SaveDC
GetPixel
RestoreDC
CreateFontIndirectA
PatBlt
GetTextMetricsA
SelectPalette
SetStretchBltMode
SetPixel
LineTo

user32

GetDesktopWindow
CharNextA
TranslateMessage
GetParent
GetSystemMetrics

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e532db1de3c4e4f0734a66fa35fc006d

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 11KB - Virtual size: 11KB