259fcf39e88feb214378960ab3822f7f_JaffaCakes118

General

Target

259fcf39e88feb214378960ab3822f7f_JaffaCakes118
Size

166KB
MD5

259fcf39e88feb214378960ab3822f7f
SHA1

58e3ee3d1829c829991f94f46d926a049cb2bdbd
SHA256

ca01b425d4dcbb98d3687be4f59b1519f3c211adb0225fb01ad1826f0726fc72
SHA512

582c6f41a722e085743282447d44ec9d897468906f10837c31bd54ecab18708e57d306c7c93008b3785ead7c48a7537b878128d2a6c0acb62d1d281776f2cccf
SSDEEP

3072:R9sGC3DD/NSivAIa9gerfCbFe5Y3a3sBv/p:niDDsfgQKbFe5W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
259fcf39e88feb214378960ab3822f7f_JaffaCakes118

Files

259fcf39e88feb214378960ab3822f7f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4255e8b2533cb0b1867511a957859a41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
GetDesktopWindow
GetParent
CharNextA
TranslateMessage
GetSystemMetrics

gdi32

RectVisible
SaveDC
SetMapMode
DeleteObject
CreateFontIndirectA
GetObjectA
DeleteDC
SelectPalette
SelectObject
GetPixel
SetStretchBltMode
PatBlt
RestoreDC
CreateCompatibleDC
SetTextAlign
GetClipBox
CreateSolidBrush
SetTextColor
CreatePen
CreatePalette
GetTextMetricsA
LineTo
GetDeviceCaps
GetStockObject

kernel32

DeleteFileW
GlobalFindAtomW
GetCurrentThreadId
GlobalFindAtomA
RemoveDirectoryA
GetACP
IsDebuggerPresent
GetOEMCP
lstrcmpiW
GetCurrentProcess
lstrcmpA
GetModuleHandleW
GetConsoleOutputCP
lstrcmpiA
GetCurrentThread
MulDiv
lstrlenA
GetDriveTypeA
GetVersion
GetCommandLineW
GetModuleHandleA
GetUserDefaultLangID
lstrlenW
GetWindowsDirectoryA
GetCommandLineA
DeleteFileA
GetProcessHeap
CopyFileA
SetCurrentDirectoryA
QueryPerformanceCounter
VirtualAlloc
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Uxvfxyjc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Ahuh. Pk
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4255e8b2533cb0b1867511a957859a41

Headers

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Uxvfxyjc Size: 512B - Virtual size: 4KB

.rdata Size: 27KB - Virtual size: 26KB

Ahuh. Pk Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 10KB - Virtual size: 10KB

Uxvfxyjc
Size: 512B - Virtual size: 4KB

.rdata
Size: 27KB - Virtual size: 26KB

Ahuh. Pk
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 27KB - Virtual size: 26KB