5542af6220619957e84d1695e4f45c82_JaffaCakes118

General

Target

5542af6220619957e84d1695e4f45c82_JaffaCakes118
Size

115KB
MD5

5542af6220619957e84d1695e4f45c82
SHA1

c12f1374a3a55f1246991d0384b6e11ce94d62ab
SHA256

b94f269494d5c0f05a94b474b09312c6fd609624c79072d9a8ce00cb5fed538a
SHA512

14e595eb53aafc000d9c71deb019fbe0420856a8453b5264d797e12294c165ea279e4bc80f106d11fff9593117d1b4ec7281dad86c8239b5a48ab23f9b69fdd0
SSDEEP

3072:2SOtHKTHiAkKZCrkWiDwnOayoXTochho:2S7rBkKgiDOOaP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5542af6220619957e84d1695e4f45c82_JaffaCakes118

Files

5542af6220619957e84d1695e4f45c82_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f814ce25aa61291aa83ac651d7b9cc41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetConsoleOutputCP
GetVersion
GetModuleHandleA
GetUserDefaultLangID
GetThreadLocale
GlobalFindAtomW
GetCurrentProcess
GlobalFindAtomA
GetCommandLineA
lstrlenW
GetCommandLineW
QueryPerformanceCounter
GetCurrentThread
GetProcessHeap
lstrcmpA
GetOEMCP
GetTickCount
GetCurrentProcessId
DeleteFileA
GetACP
lstrcmpiW
SetCurrentDirectoryA
CopyFileA
GetDriveTypeA
RemoveDirectoryA
GetModuleHandleW
GetWindowsDirectoryA
lstrcmpiA
lstrlenA
DeleteFileW
RemoveDirectoryW
MulDiv
IsDebuggerPresent
GetStartupInfoA
VirtualAlloc
VirtualFree

gdi32

GetTextMetricsA
SetTextColor
SetStretchBltMode
GetObjectA
CreateCompatibleDC
LineTo
SetMapMode
DeleteDC
CreatePen
SaveDC
SetTextAlign
SelectPalette
CreateFontIndirectA
GetClipBox
RestoreDC
GetDeviceCaps
DeleteObject
CreatePalette
GetStockObject
PatBlt
CreateSolidBrush
SetPixel
RectVisible
SelectObject
GetPixel

user32

TranslateMessage
GetDesktopWindow
CharNextA
GetSystemMetrics
GetParent

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f814ce25aa61291aa83ac651d7b9cc41

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 15KB - Virtual size: 14KB