e1a56ec988e3c58419d11fc3aba0a831_JaffaCakes118

General

Target

e1a56ec988e3c58419d11fc3aba0a831_JaffaCakes118
Size

97KB
MD5

e1a56ec988e3c58419d11fc3aba0a831
SHA1

8b5ffcafe5047f5bb5f1b013cde7d70da892ce51
SHA256

15c48d8107751d7d19b70d0713a9973d49dea44e7d5cf8a76a4a9ba3d3ca1c85
SHA512

1d35d26b408a76709da3a8e28219074e8a809592a23d1f9120f27b9b8574d5e9f72f7e28489353ba3d6878f57be52e16d300adb5cf41e00d89ecf90f4adda56a
SSDEEP

1536:BAUZHl4RGEH7fbg8fh7gPIjIfMblzNQKQgtboPHwTwgIZpulkKTglw7eeycfN0KQ:em4RGkzf7gLfMtDho3l14dvj0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1a56ec988e3c58419d11fc3aba0a831_JaffaCakes118

Files

e1a56ec988e3c58419d11fc3aba0a831_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bc117b9d86a6fefc7a00797d1e519345

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
GetCommandLineW
GetCurrentThreadId
GetDriveTypeA
DeleteFileW
GetVersion
GlobalFindAtomA
GetCurrentProcess
GetWindowsDirectoryA
GetStartupInfoA
lstrcmpiW
GetCurrentThread
DeleteFileA
SetCurrentDirectoryA
lstrcmpiA
lstrlenW
GetACP
GlobalFindAtomW
GetCommandLineA
VirtualAlloc
lstrlenA
VirtualFree
GetCurrentProcessId
GetTickCount
MulDiv
RemoveDirectoryA
GetOEMCP
IsDebuggerPresent
QueryPerformanceCounter
GetProcessHeap
GetModuleHandleW
GetConsoleOutputCP
lstrcmpA
RemoveDirectoryW
ExitProcess
GetUserDefaultLangID

user32

GetParent
TranslateMessage
GetDesktopWindow
CharNextA
GetSystemMetrics
GetDC

gdi32

GetDeviceCaps
CreatePen
RectVisible
CreatePalette
SaveDC
SetTextColor
CreateFontIndirectA
GetStockObject
SetMapMode
CreateSolidBrush
GetClipBox
CreateCompatibleDC
GetPixel
SelectObject
LineTo
SetStretchBltMode
GetObjectA
DeleteDC
SelectPalette
RestoreDC
GetTextMetricsA
PatBlt
DeleteObject
SetTextAlign
GetNearestPaletteIndex

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc117b9d86a6fefc7a00797d1e519345

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 62KB - Virtual size: 61KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 62KB - Virtual size: 61KB

.rsrc
Size: 14KB - Virtual size: 13KB