2a714711c7cb198cfb3177cdba34b349_JaffaCakes118

General

Target

2a714711c7cb198cfb3177cdba34b349_JaffaCakes118
Size

163KB
MD5

2a714711c7cb198cfb3177cdba34b349
SHA1

e03a8efd4edf8ade0a54054adc97021dd1c4df79
SHA256

dadfb38ce3ea9f4d564149790af2a584bf8609fa44126361c99fc18de5a3f5e2
SHA512

f5973b90d212a564c119c181d09b328f85e0e39841fdeb46ee3d5ce6c6786b2e0d862c815f2beceac48b7d7c3ca591b339d889cc356a652e5f8b8ddc1366dfad
SSDEEP

3072:7CuN6fk02rtjdZVRF5UJIIbBtFX8qMOCE5ixcwLItCVOdIt0qfH:Gc6fWdZzIbGCGW45X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a714711c7cb198cfb3177cdba34b349_JaffaCakes118

Files

2a714711c7cb198cfb3177cdba34b349_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4cd78f0d6b245837a3f303e0220df1d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetDriveTypeA
GetCurrentProcess
GetConsoleOutputCP
lstrlenA
GetUserDefaultLangID
GetStartupInfoA
GetCurrentThreadId
GetVersion
GlobalFindAtomW
GetCurrentThread
GetWindowsDirectoryA
VirtualAlloc
lstrcmpiA
CopyFileA
lstrcmpA
GetThreadLocale
MulDiv
VirtualFree
DeleteFileW
lstrlenW
GlobalFindAtomA
GetCurrentProcessId
GetTickCount
GetModuleHandleA
SetCurrentDirectoryA
GetModuleHandleW
GetProcessHeap
IsDebuggerPresent
DeleteFileA
GetACP
GetOEMCP
QueryPerformanceCounter
RemoveDirectoryA
lstrcmpiW

gdi32

SetMapMode
SetStretchBltMode
SetTextAlign
DeleteObject
GetPixel
SaveDC
CreateSolidBrush
GetDeviceCaps
PatBlt
CreatePalette
CreatePen
SetTextColor
LineTo
GetTextMetricsA
GetObjectA
GetStockObject
SelectObject
SelectPalette
CreateFontIndirectA
DeleteDC
GetClipBox
CreateCompatibleDC
RectVisible
RestoreDC

user32

GetDC
GetParent
GetSystemMetrics
GetDesktopWindow
CharNextA
TranslateMessage

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Xofxdddr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Rsydh, I
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4cd78f0d6b245837a3f303e0220df1d5

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Xofxdddr Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Rsydh, I Size: 512B - Virtual size: 4KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 26KB - Virtual size: 25KB

.text
Size: 10KB - Virtual size: 10KB

Xofxdddr
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Rsydh, I
Size: 512B - Virtual size: 4KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 26KB - Virtual size: 25KB