ce17b802ae90ee0cefcf9fbdaa75ecc9_JaffaCakes118

General

Target

ce17b802ae90ee0cefcf9fbdaa75ecc9_JaffaCakes118
Size

112KB
MD5

ce17b802ae90ee0cefcf9fbdaa75ecc9
SHA1

eb07a05b2ee586025385d5eee948246bb516fc5c
SHA256

e27bbded3c96302368219c91edd256fd91348c33e63ef75c729e5e08737f75bb
SHA512

4dc01e3d9fc2cf4c66846dbcec041ca8d9443ea5988e70d3cd7e656226209f592ca5a3aec5c9531e414345bd1c3ac1a07873d177b2a4b4b652cec293399b2958
SSDEEP

1536:8AigAn7A1LU/Zf2ByON9TR0ZqV+zN6ozOdmqdTepmYFs10:zigAnQUt2wOjTRExzN69dSply

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce17b802ae90ee0cefcf9fbdaa75ecc9_JaffaCakes118

Files

ce17b802ae90ee0cefcf9fbdaa75ecc9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b1190a69618caf427f9cc8201701052d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
TranslateMessage
CharNextA
GetParent
GetDesktopWindow

gdi32

GetClipBox
GetStockObject
DeleteDC
LineTo
PatBlt
GetTextMetricsA
SelectPalette
RectVisible
SetStretchBltMode
SaveDC
DeleteObject
CreatePen
SelectObject
CreateFontIndirectA
SetTextColor
CreateSolidBrush
GetDeviceCaps
SetMapMode
CreateCompatibleDC
GetObjectA
SetTextAlign
CreatePalette
GetPixel
RestoreDC
SetPixel

kernel32

GetCommandLineW
MulDiv
GetOEMCP
DeleteFileW
GetCommandLineA
RemoveDirectoryA
GetModuleHandleA
GetStartupInfoA
GetCurrentThreadId
GetACP
lstrlenW
GetCurrentProcess
lstrcmpA
SetCurrentDirectoryA
GetCurrentProcessId
GetModuleHandleW
VirtualAlloc
GetWindowsDirectoryA
VirtualFree
GetDriveTypeA
IsDebuggerPresent
QueryPerformanceCounter
DeleteFileA
GetConsoleOutputCP
CopyFileA
GetCurrentThread
GlobalFindAtomA
GetProcessHeap
GetVersion
GetThreadLocale
GlobalFindAtomW
lstrlenA
GetUserDefaultLangID
lstrcmpiA
GetTickCount
lstrcmpiW
RemoveDirectoryW

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1190a69618caf427f9cc8201701052d

Headers

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 80KB - Virtual size: 79KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 80KB - Virtual size: 79KB

.rsrc
Size: 11KB - Virtual size: 11KB