05c7576ad8c7deeb0271c0459f9e30c5_JaffaCakes118

General

Target

05c7576ad8c7deeb0271c0459f9e30c5_JaffaCakes118
Size

113KB
MD5

05c7576ad8c7deeb0271c0459f9e30c5
SHA1

a618bcdfade943def752bf49d70bc8ec51784ce6
SHA256

7f211767967132154f284df412ed8e613ab06ff71a7e8551a7e4264df8954ed9
SHA512

2409cdeb0e5762f0811fa94851b55cdf00f2659a70152c063e0ef702af147e8a2ede3cc7c04cdc306bd2a27e278ba9862aef474106b2869ee1f0447758e9373a
SSDEEP

3072:Y4vNHMcpTB5w02cOMwSqnq/dqOrNrrbr/M:ZZw02lSqnEdqSrrbw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05c7576ad8c7deeb0271c0459f9e30c5_JaffaCakes118

Files

05c7576ad8c7deeb0271c0459f9e30c5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b3b89cd279640249ad0f26b87b571850

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
TranslateMessage
GetSystemMetrics
CharNextA
GetDesktopWindow

kernel32

GetModuleHandleW
lstrcmpA
GetTickCount
GetCurrentProcess
IsDebuggerPresent
DeleteFileW
GetModuleHandleA
RemoveDirectoryA
GetDriveTypeA
lstrcmpiA
GetUserDefaultLangID
MulDiv
RemoveDirectoryW
DeleteFileA
GetCommandLineA
SetCurrentDirectoryA
lstrlenW
lstrlenA
GetCurrentThread
GetWindowsDirectoryA
GetCommandLineW
GetCurrentThreadId
GetVersion
GetThreadLocale
GetProcessHeap
GetStartupInfoA
GetConsoleOutputCP
GlobalFindAtomA
CopyFileA
GetOEMCP
GetACP
GetCurrentProcessId
GlobalFindAtomW
QueryPerformanceCounter
lstrcmpiW
VirtualAlloc
VirtualFree

gdi32

DeleteDC
SetStretchBltMode
GetPixel
LineTo
PatBlt
GetTextMetricsA
GetClipBox
SetTextAlign
RectVisible
GetObjectA
SetPixel
DeleteObject
CreatePen
GetDeviceCaps
SaveDC
CreateCompatibleDC
SelectPalette
RestoreDC
CreateSolidBrush
CreateFontIndirectA
SelectObject
CreatePalette
GetStockObject
SetTextColor
SetMapMode

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3b89cd279640249ad0f26b87b571850

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 13KB - Virtual size: 13KB