03b5820c479c7131a56f673da6c6105a_JaffaCakes118

General

Target

03b5820c479c7131a56f673da6c6105a_JaffaCakes118
Size

170KB
MD5

03b5820c479c7131a56f673da6c6105a
SHA1

891a30087a76c3f86f70f5d0c69859694d99a0e4
SHA256

adad5f1a0575ac856adffd5de971bcc15f29367ec5095d23f0d53afb89cd5118
SHA512

f8b59a86433fd5dc6f86cc8387fbdf87ff758ba6ae455746adc0910e668c61a14257fe111b2b021fdc0d87d8bbdcb3e3e7cd620911ebf723e8ec245d8d8e59d9
SSDEEP

3072:u6QtRjDvQHUaIHCxfu75186vt7kdahfruW6q:uHJDOcHn8OodmfrX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03b5820c479c7131a56f673da6c6105a_JaffaCakes118

Files

03b5820c479c7131a56f673da6c6105a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

07385c4dd5e455aa6bf3ac6bd50fbfa4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
TranslateMessage
CharNextA
GetParent
GetSystemMetrics
GetDC

kernel32

GetCurrentThread
MulDiv
lstrcmpA
DeleteFileA
GetACP
lstrlenW
GetCommandLineW
DeleteFileW
RemoveDirectoryA
GetCurrentProcess
GlobalFindAtomA
GlobalFindAtomW
lstrcmpiW
GetConsoleOutputCP
IsDebuggerPresent
CopyFileA
GetVersion
GetStartupInfoA
GetCurrentThreadId
GetTickCount
GetUserDefaultLangID
GetDriveTypeA
QueryPerformanceCounter
GetThreadLocale
GetProcessHeap
SetCurrentDirectoryA
lstrcmpiA
GetOEMCP
GetCurrentProcessId
GetWindowsDirectoryA
VirtualAlloc
VirtualFree
GetModuleHandleA
lstrlenA
GetModuleHandleW

gdi32

SaveDC
SetTextColor
CreateSolidBrush
SetMapMode
CreateFontIndirectA
GetDeviceCaps
RectVisible
RestoreDC
GetStockObject
GetTextMetricsA
CreateCompatibleDC
GetPixel
SelectObject
CreatePalette
CreatePen
LineTo
SelectPalette
DeleteObject
PatBlt
SetStretchBltMode
GetClipBox
DeleteDC
SetTextAlign
GetObjectA

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Dcptufah
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Shsegral
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07385c4dd5e455aa6bf3ac6bd50fbfa4

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Dcptufah Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Shsegral Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 11KB - Virtual size: 10KB

Dcptufah
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Shsegral
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 31KB - Virtual size: 31KB