01f0b1de6a8171c17d25005a0db3ffb4_JaffaCakes118

General

Target

01f0b1de6a8171c17d25005a0db3ffb4_JaffaCakes118
Size

92KB
MD5

01f0b1de6a8171c17d25005a0db3ffb4
SHA1

596b07a90cff4fc5809d42299399eef2abec01e5
SHA256

bb522e1093c1c6650087ce12c1bcb39266d26471c4600072c376070f523cc9aa
SHA512

452884bcc303e345c26d348d1d7b6b831a7fcbf44412b2325844c390c444eb311ffdbfb91119e3a8a0386f6afee81a490d8293e8a581690d26bfdbf3bdb7eda9
SSDEEP

1536:GgU+Q76zbQ+1l9fm+LAb1tVgrFc3oFg3nPHwqGuVkuwbEoGDedu:GgUr6Q+1bsb1TgIou/tGuVZned

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01f0b1de6a8171c17d25005a0db3ffb4_JaffaCakes118

Files

01f0b1de6a8171c17d25005a0db3ffb4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9660ecb6e33bdae44b604935227607c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
GetVersion
CopyFileA
GetCurrentThreadId
IsDebuggerPresent
GetUserDefaultLangID
GetCommandLineW
lstrcmpiA
GetCurrentThread
DeleteFileW
lstrcmpA
SetCurrentDirectoryA
lstrcmpiW
GetThreadLocale
GetModuleHandleW
QueryPerformanceCounter
MulDiv
GetWindowsDirectoryA
GetDriveTypeA
DeleteFileA
GetProcessHeap
GetCommandLineA
GetModuleHandleA
lstrlenW
GetTickCount
lstrlenA
GetCurrentProcessId
GetStartupInfoA
GetCurrentProcess
GetACP
GlobalFindAtomA
GetConsoleOutputCP
GlobalFindAtomW
GetOEMCP
RemoveDirectoryW
ExitProcess
VirtualAlloc
VirtualFree

gdi32

GetObjectA
GetStockObject
CreatePen
SelectObject
SaveDC
CreatePalette
CreateFontIndirectA
SelectPalette
GetPixel
GetTextMetricsA
SetTextColor
DeleteDC
CreateSolidBrush
GetClipBox
CreateCompatibleDC
LineTo
GetDeviceCaps
RestoreDC
SetTextAlign
SetStretchBltMode
RectVisible
SetMapMode
DeleteObject
PatBlt
GetNearestPaletteIndex

user32

CharNextA
TranslateMessage
GetDC
GetDesktopWindow
GetSystemMetrics
GetParent

glu32

gluQuadricCallback

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9660ecb6e33bdae44b604935227607c8

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 59KB - Virtual size: 59KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 59KB - Virtual size: 59KB

.rsrc
Size: 12KB - Virtual size: 11KB