275384bf11f70d0a9b3c2589a13b2881_JaffaCakes118

General

Target

275384bf11f70d0a9b3c2589a13b2881_JaffaCakes118
Size

165KB
MD5

275384bf11f70d0a9b3c2589a13b2881
SHA1

c60c6ace043bd7dcd4801939c21eff62ef221a5e
SHA256

916fbb838a55d6e983bf265925e91dff674785ba59bccdfe5d7b395ebe5e418d
SHA512

fe2ffc86eba540bcdc78a31a7b453e510bd9171a92cfc0fc097ce5420c6a33a74e0871fd0b003d711e23d511a74677d8682e2a2a0aa96aadc23e27f68eece5c5
SSDEEP

3072:C4fdqV3CnktkCubdmqipr4uuauRN7lRCZ:C4fdIL+dmhpkuuauRE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
275384bf11f70d0a9b3c2589a13b2881_JaffaCakes118

Files

275384bf11f70d0a9b3c2589a13b2881_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bcadaee839fadacd175a7cc260aa47e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetMapMode
SetStretchBltMode
SaveDC
GetTextMetricsA
SelectPalette
CreatePen
GetStockObject
CreatePalette
SelectObject
LineTo
CreateFontIndirectA
GetObjectA
RestoreDC
SetTextColor
RectVisible
CreateCompatibleDC
GetPixel
SetTextAlign
CreateSolidBrush
GetDeviceCaps
GetClipBox
DeleteObject
DeleteDC
PatBlt

user32

CharNextA
GetDC
GetDesktopWindow
GetParent
TranslateMessage
GetSystemMetrics

kernel32

GetModuleHandleW
GetOEMCP
SetCurrentDirectoryA
CopyFileA
lstrcmpA
GetCurrentProcessId
GetDriveTypeA
GetStartupInfoA
RemoveDirectoryA
QueryPerformanceCounter
GetWindowsDirectoryA
GetVersion
lstrlenA
GlobalFindAtomW
GetProcessHeap
GetCurrentThreadId
GetModuleHandleA
GetCommandLineW
lstrcmpiW
GetTickCount
lstrlenW
GetCurrentProcess
IsDebuggerPresent
GetACP
GlobalFindAtomA
DeleteFileA
GetCurrentThread
GetThreadLocale
lstrcmpiA
GetUserDefaultLangID
DeleteFileW
GetConsoleOutputCP
MulDiv
VirtualAlloc
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Efhdeuuq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Kexygghv
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcadaee839fadacd175a7cc260aa47e9

Headers

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Efhdeuuq Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Kexygghv Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 11KB - Virtual size: 11KB

Efhdeuuq
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Kexygghv
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 26KB - Virtual size: 26KB