17aa7d57035e9e70fcbc5d58c594719f_JaffaCakes118

General

Target

17aa7d57035e9e70fcbc5d58c594719f_JaffaCakes118
Size

165KB
MD5

17aa7d57035e9e70fcbc5d58c594719f
SHA1

dc308ac0041699dfc47dd4f2114fe77276b02c66
SHA256

01191c4ee1871d9fada0d7238835a0b4c532f44831b2b38c39ef7161a85983c8
SHA512

ef5520e33a195c28c82e652d903948aea3c4cf4a72ab6c64a9129dab10a67f004ee725eae1e54a04936301e8d30330c88fd13d86a2b317a49d43b1470a64953d
SSDEEP

3072:5sBOeFnEQ/2bFq2AMU60AjDV65KDx0T9heZE4ED83a7:S47NlXDViRTrw7+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17aa7d57035e9e70fcbc5d58c594719f_JaffaCakes118

Files

17aa7d57035e9e70fcbc5d58c594719f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

97f9e9c4b324f94a3fcce69e6b275144

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetVersion
GetCommandLineW
GetCommandLineA
lstrcmpiA
GlobalFindAtomW
lstrlenW
GetTickCount
GetConsoleOutputCP
DeleteFileW
GlobalFindAtomA
lstrlenA
DeleteFileA
MulDiv
GetCurrentThread
GetCurrentProcess
GetCurrentThreadId
GetModuleHandleA
SetCurrentDirectoryA
GetOEMCP
GetModuleHandleW
IsDebuggerPresent
GetProcessHeap
GetCurrentProcessId
RemoveDirectoryA
lstrcmpiW
GetUserDefaultLangID
GetDriveTypeA
GetStartupInfoA
QueryPerformanceCounter
GetWindowsDirectoryA
lstrcmpA
VirtualAlloc
VirtualFree

user32

CharNextA
GetDesktopWindow
GetDC
GetSystemMetrics
TranslateMessage
GetParent

gdi32

CreateCompatibleDC
CreatePalette
GetStockObject
SelectPalette
GetObjectA
SetMapMode
GetPixel
SetTextAlign
CreatePen
SetStretchBltMode
RestoreDC
LineTo
GetClipBox
PatBlt
SetTextColor
CreateFontIndirectA
DeleteObject
SaveDC
RectVisible
CreateSolidBrush
GetDeviceCaps
SelectObject
DeleteDC
GetTextMetricsA

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Xixoqydd
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Mwkty. S
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97f9e9c4b324f94a3fcce69e6b275144

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Xixoqydd Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 26KB

Mwkty. S Size: 512B - Virtual size: 4KB

.data Size: 99KB - Virtual size: 98KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 10KB - Virtual size: 10KB

Xixoqydd
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 26KB

Mwkty. S
Size: 512B - Virtual size: 4KB

.data
Size: 99KB - Virtual size: 98KB

.rsrc
Size: 27KB - Virtual size: 26KB