56337933874fb78e0012d91e7cc0b616_JaffaCakes118

General

Target

56337933874fb78e0012d91e7cc0b616_JaffaCakes118
Size

116KB
MD5

56337933874fb78e0012d91e7cc0b616
SHA1

63e7f4246f81456f49b54f32c61a34ca8401c1a8
SHA256

6ab1d999cd4cab5612305546bd438120d4bc42a31f54f8401563bf88b395b783
SHA512

2a1d4e3189bcf1624e995bdd7141400672867677451dbfdf6e5b3b726bafa8f74fad91324436cf78dc325c956da726f260a1e9a261611cde5bac61c35370a76f
SSDEEP

1536:aYDxeV+qM2yOvn4jCpm05SbGnxIMENo/uh9WPFI+lj2LzBk0:LDkV+LCeGn21Nh4mBW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56337933874fb78e0012d91e7cc0b616_JaffaCakes118

Files

56337933874fb78e0012d91e7cc0b616_JaffaCakes118
.exe windows:4 windows x86 arch:x86

002077312d20f2a5a4a10f8615cf5c57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
GetSystemMetrics
GetParent
CharNextA
TranslateMessage

kernel32

GetThreadLocale
GetCommandLineW
CopyFileA
GetModuleHandleA
GetACP
GetTickCount
MulDiv
GetCommandLineA
RemoveDirectoryA
lstrcmpiW
QueryPerformanceCounter
DeleteFileW
GlobalFindAtomA
GetVersion
lstrcmpA
GetProcessHeap
GetUserDefaultLangID
lstrcmpiA
lstrlenW
GetCurrentProcessId
GlobalFindAtomW
SetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetWindowsDirectoryA
GetStartupInfoA
DeleteFileA
IsDebuggerPresent
GetConsoleOutputCP
RemoveDirectoryW
GetCurrentThreadId
GetModuleHandleW
lstrlenA
GetDriveTypeA
GetOEMCP
VirtualAlloc
VirtualFree

gdi32

CreateSolidBrush
DeleteObject
SaveDC
SetTextAlign
GetDeviceCaps
LineTo
GetPixel
RectVisible
GetClipBox
GetTextMetricsA
SetTextColor
CreateCompatibleDC
CreateFontIndirectA
CreatePen
DeleteDC
SelectObject
GetStockObject
SetStretchBltMode
RestoreDC
PatBlt
CreatePalette
GetObjectA
SetMapMode
SelectPalette
SetPixel

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

002077312d20f2a5a4a10f8615cf5c57

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 80KB - Virtual size: 79KB

.rsrc Size: 15KB - Virtual size: 35KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 80KB - Virtual size: 79KB

.rsrc
Size: 15KB - Virtual size: 35KB