14e2115aa32532bc9e6f608911af8f81_JaffaCakes118

General

Target

14e2115aa32532bc9e6f608911af8f81_JaffaCakes118
Size

113KB
MD5

14e2115aa32532bc9e6f608911af8f81
SHA1

71738401a522c81bcf1420ce8b2c0a6a4709fc02
SHA256

b4ddf64bbe534afa3da70f1e6a21fab1affa1466e80ab5a324cb0e98f1fcbc3c
SHA512

4c08b2b9a464aa0581babca579f6eb16f8e4cc448ad292d01aec2e3b81126c347dc5791b0a5bc0d3de4080e970308f631bdee8728fa47b4c5bd4ea47e6c37f5b
SSDEEP

1536:Wl42MM70KVPj3shk2P1duanUovW46ypmHfFrpbmIaffP3/41:Wi2MRKVLcnPz1UovW4MfNpbmIaP/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14e2115aa32532bc9e6f608911af8f81_JaffaCakes118

Files

14e2115aa32532bc9e6f608911af8f81_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c68c8352c57bf3956de1a2fd63392f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
GetDesktopWindow
CharNextA
TranslateMessage
GetParent

kernel32

DeleteFileA
GetCurrentProcess
lstrlenW
GetTickCount
DeleteFileW
GetCurrentThread
QueryPerformanceCounter
GetUserDefaultLangID
GetConsoleOutputCP
lstrcmpA
GetACP
GetCurrentProcessId
GlobalFindAtomA
GetOEMCP
GetProcessHeap
lstrcmpiW
IsDebuggerPresent
GlobalFindAtomW
MulDiv
lstrcmpiA
RemoveDirectoryA
RemoveDirectoryW
GetCommandLineA
GetStartupInfoA
SetCurrentDirectoryA
GetModuleHandleA
GetVersion
GetThreadLocale
GetCurrentThreadId
CopyFileA
GetDriveTypeA
GetModuleHandleW
lstrlenA
VirtualAlloc
VirtualFree
GetCommandLineW
GetWindowsDirectoryA

gdi32

PatBlt
SetTextColor
RectVisible
DeleteObject
CreateFontIndirectA
CreatePen
CreateCompatibleDC
CreatePalette
CreateSolidBrush
GetObjectA
SaveDC
SelectObject
DeleteDC
SelectPalette
GetClipBox
SetPixel
RestoreDC
GetPixel
GetDeviceCaps
SetMapMode
SetTextAlign
GetStockObject
SetStretchBltMode
LineTo
GetTextMetricsA

glu32

gluQuadricCallback

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c68c8352c57bf3956de1a2fd63392f1

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 13KB - Virtual size: 13KB