1353b9e5eab9118a0eceba1199a4fdff_JaffaCakes118

General

Target

1353b9e5eab9118a0eceba1199a4fdff_JaffaCakes118
Size

112KB
MD5

1353b9e5eab9118a0eceba1199a4fdff
SHA1

47d9684245b5758fe532cba1ae0a1b34266413bf
SHA256

ee8eef397258af190bed2dc098ea56f10da35133f9613f91fba82303cd3f3cc5
SHA512

53522c3a902334fc208303229aa955610c3ee67a7de45555f507246313c22e6cdfe7a06ea9ed1cf3b41bf0c00e8355083b5b5ef8ae5ee198cf5e206883bccbc5
SSDEEP

1536:E8P/G9ObBN5mcLrKYzEtumILIGLpHFIeza+oqxnlLlYs4cgRb8HBxTo/:j/vD5mcDAtuBI6f+qxlL+cgl8HBxs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1353b9e5eab9118a0eceba1199a4fdff_JaffaCakes118

Files

1353b9e5eab9118a0eceba1199a4fdff_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5968837f6360c911db97ccbe2affc0f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
TranslateMessage
GetParent
GetDesktopWindow
GetSystemMetrics

kernel32

GlobalFindAtomW
GetCurrentProcessId
DeleteFileA
lstrcmpiA
GetTickCount
GlobalFindAtomA
CopyFileA
IsDebuggerPresent
GetModuleHandleW
GetModuleHandleA
GetCurrentThread
DeleteFileW
QueryPerformanceCounter
RemoveDirectoryA
SetCurrentDirectoryA
GetDriveTypeA
GetConsoleOutputCP
MulDiv
GetOEMCP
lstrlenW
GetCurrentThreadId
GetCommandLineA
GetWindowsDirectoryA
GetCurrentProcess
lstrlenA
GetStartupInfoA
GetCommandLineW
GetACP
VirtualAlloc
GetThreadLocale
lstrcmpiW
VirtualFree
lstrcmpA
GetUserDefaultLangID
GetVersion
GetProcessHeap
RemoveDirectoryW

gdi32

CreatePen
GetDeviceCaps
GetPixel
CreatePalette
GetTextMetricsA
GetStockObject
DeleteObject
CreateFontIndirectA
RectVisible
SetStretchBltMode
RestoreDC
SaveDC
SetMapMode
CreateSolidBrush
GetObjectA
SelectPalette
LineTo
PatBlt
SetTextColor
GetClipBox
CreateCompatibleDC
DeleteDC
SetTextAlign
SelectObject
SetPixel

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5968837f6360c911db97ccbe2affc0f0

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 12KB - Virtual size: 40KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 12KB - Virtual size: 40KB