d3c89883749f2c53bfffeeb1808aff7e_JaffaCakes118

General

Target

d3c89883749f2c53bfffeeb1808aff7e_JaffaCakes118
Size

118KB
MD5

d3c89883749f2c53bfffeeb1808aff7e
SHA1

6a7af80ac0af61c92975c80bb22d602cdda31693
SHA256

dcd947fe460321d93c91c661aaf169b9e6eb2859cfed518420b36e5cb3cff8f8
SHA512

ffe6f97e7de04f78ad9cf8991887e449b54d0512b50c793d386f25ea26cff93884a1d7c2d64379173ffcb4bb0f27e454124a1c777231d5edd511e618d3bfb3ea
SSDEEP

1536:HJka2udbcSVAzu8EiEZ/yUCbmp65Ldx43UnjGGCRtSgnYqslAxnhgrFtcHQ7v:HX2WbfAHEiEZ/yUC75LQ3NGCRtXVQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3c89883749f2c53bfffeeb1808aff7e_JaffaCakes118

Files

d3c89883749f2c53bfffeeb1808aff7e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

53db85ed6e0046af3e895e3921930f5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetModuleHandleW
GetTickCount
CopyFileA
lstrcmpiA
GetCurrentThread
GetWindowsDirectoryA
RemoveDirectoryW
GetCommandLineA
GetOEMCP
lstrcmpiW
GlobalFindAtomW
QueryPerformanceCounter
GetCommandLineW
GetProcessHeap
IsDebuggerPresent
lstrcmpA
GetCurrentThreadId
GetUserDefaultLangID
GetConsoleOutputCP
DeleteFileA
SetCurrentDirectoryA
GlobalFindAtomA
RemoveDirectoryA
MulDiv
GetVersion
GetCurrentProcessId
GetCurrentProcess
lstrlenW
DeleteFileW
GetThreadLocale
lstrlenA
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
VirtualAlloc
VirtualFree

user32

CharNextA
GetParent
TranslateMessage
GetSystemMetrics
GetDesktopWindow

gdi32

SelectPalette
SetPixel
SetTextAlign
SaveDC
GetTextMetricsA
DeleteDC
GetClipBox
SelectObject
PatBlt
DeleteObject
CreatePen
SetTextColor
GetStockObject
RestoreDC
CreateFontIndirectA
GetObjectA
GetPixel
CreatePalette
RectVisible
LineTo
SetMapMode
CreateSolidBrush
GetDeviceCaps
SetStretchBltMode
CreateCompatibleDC

glu32

gluQuadricCallback

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53db85ed6e0046af3e895e3921930f5b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 15KB - Virtual size: 15KB