fb7f58c593f446a163e0db047f5e6a08_JaffaCakes118

General

Target

fb7f58c593f446a163e0db047f5e6a08_JaffaCakes118
Size

113KB
MD5

fb7f58c593f446a163e0db047f5e6a08
SHA1

72e7a967de15533ba310de408187357ade566a70
SHA256

5a766f9f3e794e5716793d8a921c6fc8256d5c5a381bcb65902e486515256645
SHA512

094b5f9ed835c5d954dd54130c53d4d561325112e663489dd9926712cff8c4c9d3c4722d3614ad198f218199e73523212c1d2a41979cfe0f240089695cb0948a
SSDEEP

1536:QnENagFdkLjZ+oI9hOI73Bt55FnXOCg3twFGRinG6uVmlAJICM:QELyLNsn3B35RMegRguVK2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb7f58c593f446a163e0db047f5e6a08_JaffaCakes118

Files

fb7f58c593f446a163e0db047f5e6a08_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e1386ca62d0f53140641ab13bbedbce5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
CharNextA
GetParent
GetSystemMetrics
TranslateMessage

kernel32

DeleteFileW
GetConsoleOutputCP
IsDebuggerPresent
GetProcessHeap
lstrcmpiW
lstrcmpiA
GetCurrentProcessId
lstrcmpA
MulDiv
GetStartupInfoA
RemoveDirectoryA
GetModuleHandleA
lstrlenW
SetCurrentDirectoryA
GetThreadLocale
GetDriveTypeA
GlobalFindAtomW
GetModuleHandleW
CopyFileA
GetCommandLineW
GlobalFindAtomA
lstrlenA
GetOEMCP
GetCurrentProcess
GetCurrentThreadId
VirtualAlloc
GetACP
VirtualFree
GetVersion
GetCommandLineA
GetTickCount
GetWindowsDirectoryA
QueryPerformanceCounter
RemoveDirectoryW
GetUserDefaultLangID
DeleteFileA

gdi32

SetTextAlign
PatBlt
LineTo
GetClipBox
GetStockObject
SelectPalette
CreateSolidBrush
CreatePalette
RectVisible
GetPixel
SetMapMode
SetStretchBltMode
CreateFontIndirectA
GetObjectA
RestoreDC
SelectObject
GetDeviceCaps
CreatePen
CreateCompatibleDC
SaveDC
DeleteDC
SetTextColor
GetTextMetricsA
SetPixel
DeleteObject

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1386ca62d0f53140641ab13bbedbce5

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 12KB - Virtual size: 12KB