561cfd8ed3a37384e67e4c85d2b10217_JaffaCakes118

General

Target

561cfd8ed3a37384e67e4c85d2b10217_JaffaCakes118
Size

116KB
MD5

561cfd8ed3a37384e67e4c85d2b10217
SHA1

4881d78df484b31d657457079ac6e2a5a2ee9ac5
SHA256

b750bbeba41b3137f75b73a9247b148070e936d7bdc67b17d98ab79e7d71e2e0
SHA512

fe5ee15fee6ea9fa45ea0003cc61f66627af58f2bc3ebdac27293bbeefcee0a12b43a4eff60501d51b74964fd82849c0202ce488ee0e531f78197813ad6d9761
SSDEEP

1536:IWgQxQo1B+Cv4xI41URy+6wdwYN9j76IP0ybHKS6HmZssFypy4i+mgsg:IWV1orI419IwYjSS6GZss6y4i/T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
561cfd8ed3a37384e67e4c85d2b10217_JaffaCakes118

Files

561cfd8ed3a37384e67e4c85d2b10217_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a4d03f8e3782c8bab859227574bd5c2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
CharNextA
TranslateMessage
GetDesktopWindow
GetParent

gdi32

CreateFontIndirectA
SaveDC
SetStretchBltMode
GetPixel
RestoreDC
GetTextMetricsA
SetTextColor
PatBlt
CreateCompatibleDC
SelectObject
GetObjectA
CreateSolidBrush
SelectPalette
GetClipBox
SetTextAlign
DeleteDC
SetPixel
CreatePen
SetMapMode
LineTo
CreatePalette
GetDeviceCaps
DeleteObject
GetStockObject
RectVisible

kernel32

GetOEMCP
lstrcmpA
SetCurrentDirectoryA
lstrcmpiA
GetCurrentThreadId
MulDiv
GetConsoleOutputCP
lstrlenW
GlobalFindAtomW
GetCommandLineA
QueryPerformanceCounter
lstrlenA
GetTickCount
GetDriveTypeA
GetUserDefaultLangID
IsDebuggerPresent
GetCurrentProcessId
DeleteFileA
GetCurrentProcess
GetProcessHeap
CopyFileA
GetCurrentThread
GetCommandLineW
RemoveDirectoryW
GlobalFindAtomA
GetModuleHandleW
GetModuleHandleA
GetThreadLocale
RemoveDirectoryA
GetStartupInfoA
lstrcmpiW
GetWindowsDirectoryA
GetACP
GetVersion
DeleteFileW
VirtualAlloc
VirtualFree

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4d03f8e3782c8bab859227574bd5c2c

Headers

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 80KB - Virtual size: 79KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 80KB - Virtual size: 79KB

.rsrc
Size: 14KB - Virtual size: 14KB