5eed59b8376e21cc7ce8eb86ae21c3a4_JaffaCakes118

General

Target

5eed59b8376e21cc7ce8eb86ae21c3a4_JaffaCakes118
Size

93KB
MD5

5eed59b8376e21cc7ce8eb86ae21c3a4
SHA1

ddcc1ffb96cabb1ebc47539a86424518c64f5824
SHA256

3df013d5e05e209d0e5724d425f5ee9e940c50c56457ccba04efcfaba219a0f2
SHA512

f6bd04eb786e948a1ba009a7caa3e8110fee588e26bf0e345b9d8bd7733b2944aa2ac29c48e96fb452f7596644e8158c5f9f8bf653cc67a65bcf7e010ee1db62
SSDEEP

1536:lAOqsrVZ9nqmMv1hs3pZQTJyJjbZfA4Mdck:lAOFFAmZOJ0FY4cc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5eed59b8376e21cc7ce8eb86ae21c3a4_JaffaCakes118

Files

5eed59b8376e21cc7ce8eb86ae21c3a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0f60029a223f1e6d179808def306d1c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
TranslateMessage
GetSystemMetrics
GetDC
GetDesktopWindow
CharNextA

kernel32

GetStartupInfoA
DeleteFileA
GetCurrentProcessId
GetVersion
SetCurrentDirectoryA
RemoveDirectoryA
MulDiv
GetWindowsDirectoryA
lstrlenA
GlobalFindAtomW
GetTickCount
GetCommandLineW
GetCurrentThread
GetOEMCP
GetACP
GetCommandLineA
GetConsoleOutputCP
GlobalFindAtomA
QueryPerformanceCounter
GetCurrentProcess
GetDriveTypeA
GetProcessHeap
CopyFileA
lstrcmpA
lstrlenW
lstrcmpiA
DeleteFileW
GetThreadLocale
RemoveDirectoryW
GetModuleHandleA
GetModuleHandleW
lstrcmpiW
ExitProcess
GetUserDefaultLangID
VirtualAlloc

gdi32

PatBlt
GetStockObject
GetClipBox
SetTextAlign
DeleteObject
GetTextMetricsA
DeleteDC
CreatePen
GetPixel
GetObjectA
GetDeviceCaps
RestoreDC
SaveDC
CreateFontIndirectA
SelectObject
CreateSolidBrush
CreatePalette
SetMapMode
LineTo
RectVisible
SetStretchBltMode
CreateCompatibleDC
SelectPalette
SetTextColor
GetNearestPaletteIndex

glu32

gluQuadricCallback

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f60029a223f1e6d179808def306d1c4

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 60KB - Virtual size: 59KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 60KB - Virtual size: 59KB

.rsrc
Size: 11KB - Virtual size: 11KB