54bb48ff2f6d7865e003637b575d1601_JaffaCakes118

General

Target

54bb48ff2f6d7865e003637b575d1601_JaffaCakes118
Size

169KB
MD5

54bb48ff2f6d7865e003637b575d1601
SHA1

59e4316906a2343c989e1a1f8ac4cb782c375481
SHA256

8a263c5b564ca9d71781f11c27fbb7fe1b4fa4d9445f3a42c53db79fddc0d81b
SHA512

3de5d2df38520090a3e5879720cb680d8defcf00fdceb898a3b43651333337e09f279ec7d561a4a5abdee40299cba2a93d2bb074bd4c341e6364d1d900a0c81a
SSDEEP

3072:RVgzXNvrpgyb9PtrSyWtEvMJerXEyemKTcQK3oTlCqmoV:vkrqDmvMJerXExhTcNoH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54bb48ff2f6d7865e003637b575d1601_JaffaCakes118

Files

54bb48ff2f6d7865e003637b575d1601_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d0d151f6a073ec2287d69ac8f658e84a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
CharNextA
GetDesktopWindow
GetDC
GetParent
GetSystemMetrics

kernel32

lstrlenA
GetModuleHandleA
GetModuleHandleW
MulDiv
GetOEMCP
GetACP
GetCommandLineW
SetCurrentDirectoryA
GetCurrentProcessId
GetCurrentProcess
GetUserDefaultLangID
IsDebuggerPresent
QueryPerformanceCounter
RemoveDirectoryA
GetDriveTypeA
GlobalFindAtomW
lstrcmpiA
GlobalFindAtomA
GetConsoleOutputCP
GetCommandLineA
GetTickCount
lstrcmpA
GetThreadLocale
GetCurrentThreadId
CopyFileA
GetVersion
GetProcessHeap
lstrlenW
GetCurrentThread
lstrcmpiW
GetWindowsDirectoryA
DeleteFileW
GetStartupInfoA
VirtualAlloc
VirtualFree

gdi32

RectVisible
SaveDC
SetStretchBltMode
SetTextColor
LineTo
CreateCompatibleDC
RestoreDC
GetDeviceCaps
SelectObject
CreatePalette
SelectPalette
CreatePen
GetPixel
SetMapMode
DeleteObject
CreateSolidBrush
GetObjectA
SetTextAlign
GetClipBox
PatBlt
GetTextMetricsA
DeleteDC
GetStockObject
CreateFontIndirectA

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Kovkunec
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Bqycbxei
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0d151f6a073ec2287d69ac8f658e84a

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Kovkunec Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Bqycbxei Size: 512B - Virtual size: 4KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 11KB - Virtual size: 10KB

Kovkunec
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Bqycbxei
Size: 512B - Virtual size: 4KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 31KB - Virtual size: 31KB