f6d31d20af096d9bcfa15b0a9fdf1d25_JaffaCakes118

General

Target

f6d31d20af096d9bcfa15b0a9fdf1d25_JaffaCakes118
Size

115KB
MD5

f6d31d20af096d9bcfa15b0a9fdf1d25
SHA1

21f7ba5e30ecaaa0b51709200e8dc661e3b31996
SHA256

8acdfabfc5df2e7b4c535a708a2a3c32d4699969f9a709e06e35a62a7f70bd27
SHA512

17925f4aa14930f61bc51300bf98f3cdfe07954a75ced066b598a9fa3874d3aa2ca757acbe3ad805957a9dc43bf3cf03466a6a1bfe6eb5902cee5def20f71755
SSDEEP

3072:/Vawn7fapigER/2PD1a/S9z5/NJrAViuOj5ZL2q:/vRgER/2rA6rbrAWtd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6d31d20af096d9bcfa15b0a9fdf1d25_JaffaCakes118

Files

f6d31d20af096d9bcfa15b0a9fdf1d25_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e45f3030265d86ef8a055f785745850

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryA
VirtualAlloc
GetTickCount
GetProcessHeap
lstrcmpA
GetStartupInfoA
lstrlenW
VirtualFree
GlobalFindAtomA
IsDebuggerPresent
GetCurrentProcess
GetDriveTypeA
GetWindowsDirectoryA
RemoveDirectoryA
MulDiv
GetCommandLineW
GetConsoleOutputCP
GetThreadLocale
GetUserDefaultLangID
GetACP
GetCurrentThread
lstrlenA
lstrcmpiA
GetOEMCP
DeleteFileA
GlobalFindAtomW
GetVersion
GetModuleHandleA
CopyFileA
QueryPerformanceCounter
GetModuleHandleW
GetCommandLineA
DeleteFileW
RemoveDirectoryW
GetCurrentThreadId
lstrcmpiW
GetCurrentProcessId

gdi32

SaveDC
RectVisible
SetStretchBltMode
GetClipBox
GetStockObject
CreatePen
CreateFontIndirectA
SelectPalette
CreatePalette
GetDeviceCaps
GetObjectA
DeleteDC
PatBlt
DeleteObject
SelectObject
SetMapMode
CreateCompatibleDC
SetTextColor
GetPixel
LineTo
RestoreDC
CreateSolidBrush
SetTextAlign
SetPixel
GetTextMetricsA

user32

TranslateMessage
GetSystemMetrics
GetDesktopWindow
GetParent
CharNextA

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

unxyhqg
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2e45f3030265d86ef8a055f785745850

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 78KB - Virtual size: 78KB

.rsrc Size: 14KB - Virtual size: 42KB

unxyhqg Size: - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 78KB - Virtual size: 78KB

.rsrc
Size: 14KB - Virtual size: 42KB

unxyhqg
Size: - Virtual size: 4KB