383d08249c3b9fae86ce0bc84c0df314_JaffaCakes118

General

Target

383d08249c3b9fae86ce0bc84c0df314_JaffaCakes118
Size

144KB
MD5

383d08249c3b9fae86ce0bc84c0df314
SHA1

7576c8f8d8cbef231ce432e2005805e8496df43a
SHA256

9d5324e62740c12bf83d9ccbe9eb0669909c589f6bfca9974f0ccda5c5af9ffc
SHA512

8ccb71f3a8f579fa8d8b4fc8bc1d6b3aa02b9291d794069b7a5bb33dfe8c01eaaad54347082a1fb6aa5f5a451084933f1f58d6fb9cc28976b15ad446135cd374
SSDEEP

1536:lJEVpMHoQNu1rVCo2twEPmjIKFAFwuI3fOLYkSk0mHl7YYKv2vgV4f8N/n:GpMHNaCo2du0uvTZGHl7YYxvgV4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
383d08249c3b9fae86ce0bc84c0df314_JaffaCakes118

Files

383d08249c3b9fae86ce0bc84c0df314_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3dffb4e9e6288a142f07eacbe09d862d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextMetricsA
CreatePen
SelectPalette
SelectObject
DeleteDC
GetObjectA
RestoreDC
LineTo
GetStockObject
SaveDC
SetTextColor
SetMapMode
GetPixel
GetClipBox
CreatePalette
SetStretchBltMode
CreateCompatibleDC
DeleteObject
RectVisible
CreateFontIndirectA
SetTextAlign
CreateSolidBrush
PatBlt
SetPixel
GetDeviceCaps

user32

CharNextA
TranslateMessage
GetSystemMetrics
GetDesktopWindow
GetParent

kernel32

GetWindowsDirectoryA
GetUserDefaultLangID
GetDriveTypeA
GlobalFindAtomA
lstrcmpiW
MulDiv
GetCurrentProcessId
GetThreadLocale
GetCommandLineA
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
RemoveDirectoryA
DeleteFileW
DeleteFileA
GetVersion
GetModuleHandleA
GetOEMCP
GlobalFindAtomW
SetCurrentDirectoryA
lstrcmpA
lstrcmpiA
IsDebuggerPresent
VirtualAlloc
VirtualFree
QueryPerformanceCounter
RemoveDirectoryW
GetStartupInfoA
lstrlenW
GetConsoleOutputCP
GetCurrentThread
GetProcessHeap
GetACP
CopyFileA
lstrlenA
GetTickCount

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qmhsney
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3dffb4e9e6288a142f07eacbe09d862d

Headers

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 80KB - Virtual size: 79KB

.rsrc Size: 39KB - Virtual size: 40KB

qmhsney Size: - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 80KB - Virtual size: 79KB

.rsrc
Size: 39KB - Virtual size: 40KB

qmhsney
Size: - Virtual size: 4KB