fa02b77d055097f80c567b062678e34b_JaffaCakes118

General

Target

fa02b77d055097f80c567b062678e34b_JaffaCakes118
Size

135KB
MD5

fa02b77d055097f80c567b062678e34b
SHA1

5c88db36b9359f16b7ed97e716bca7ba5286f2a8
SHA256

477ffb5a978e536ba36d07054c6fc2296fad6e3ff81253a1ee52b08d9ddcca6e
SHA512

fc8097da8185ecbc9dd97e619b6d99f343807954cbf4ab18e181c54bbbdb1e9fce9ec0b462027c8cce7d0f3ea4664c16d11e5887304eedeb8e394503e06e8c5b
SSDEEP

3072:UyOVD9Y4ACW9TJbGxvcjEk5UD6M1Gg56zbm+T:UyOh2WYTVsKEk2D6QGg56nmW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa02b77d055097f80c567b062678e34b_JaffaCakes118

Files

fa02b77d055097f80c567b062678e34b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1c83c76ae6dc222fc44b99c87acd594a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject
LineTo
DeleteDC
PatBlt
GetPixel
RectVisible
SelectPalette
CreateSolidBrush
CreateCompatibleDC
CreateFontIndirectA
GetObjectA
RestoreDC
GetDeviceCaps
SetMapMode
SetStretchBltMode
GetTextMetricsA
SetTextAlign
SelectObject
CreatePalette
CreatePen
SaveDC
SetTextColor
GetClipBox
GetStockObject
SetPixel

user32

GetSystemMetrics
TranslateMessage
GetDesktopWindow
GetParent
CharNextA

kernel32

lstrlenA
GetCurrentThreadId
GetModuleHandleA
DeleteFileA
GetCurrentProcessId
SetCurrentDirectoryA
GetCurrentProcess
lstrlenW
GlobalFindAtomA
GetVersion
VirtualAlloc
GetWindowsDirectoryA
VirtualFree
MulDiv
GlobalFindAtomW
GetCommandLineA
GetStartupInfoA
GetTickCount
CopyFileA
GetModuleHandleW
lstrcmpiW
lstrcmpiA
GetACP
RemoveDirectoryA
IsDebuggerPresent
DeleteFileW
GetOEMCP
lstrcmpA
GetProcessHeap
QueryPerformanceCounter
RemoveDirectoryW
GetUserDefaultLangID
GetCommandLineW
GetDriveTypeA
GetCurrentThread
GetThreadLocale
GetConsoleOutputCP

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1c83c76ae6dc222fc44b99c87acd594a

Headers

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 34KB - Virtual size: 34KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 34KB - Virtual size: 34KB