dd013ad43b7653a1fa298b23e5c0ddfe_JaffaCakes118

General

Target

dd013ad43b7653a1fa298b23e5c0ddfe_JaffaCakes118
Size

168KB
MD5

dd013ad43b7653a1fa298b23e5c0ddfe
SHA1

e7fd25ad9132138195d46a24ded9a2bf8a6eed44
SHA256

23c84de582490ffb926475965c397990321f359f6a53a0354a51abfd293e02cd
SHA512

0d12d534224357d062e97445dcb85d9845ac4dda6ca2446846a82a8ebbfb25c1b5b9fce2b1a351e19ac5e0903e9e44925d0d3bdeac9f9b2afcab95c964e446e6
SSDEEP

3072:iIgVOi7w6pcpEak0QpNETSHLREv3He1JikDqH:ipN0Qls3+1I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd013ad43b7653a1fa298b23e5c0ddfe_JaffaCakes118

Files

dd013ad43b7653a1fa298b23e5c0ddfe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9a1c256a8246de0a8ccf2885881d5411

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
CharNextA
GetDC
GetParent
GetDesktopWindow
TranslateMessage

kernel32

GetModuleHandleW
GetACP
lstrcmpiW
DeleteFileW
GetTickCount
lstrcmpiA
GetProcessHeap
GetCurrentThreadId
GetDriveTypeA
GetWindowsDirectoryA
RemoveDirectoryA
MulDiv
GetUserDefaultLangID
GetConsoleOutputCP
GetCommandLineA
DeleteFileA
GetVersion
GetCurrentProcessId
GetThreadLocale
lstrlenW
GetCurrentThread
GetModuleHandleA
CopyFileA
GetCommandLineW
IsDebuggerPresent
lstrlenA
SetCurrentDirectoryA
GlobalFindAtomA
GetCurrentProcess
GetOEMCP
GlobalFindAtomW
lstrcmpA
VirtualAlloc
VirtualFree

gdi32

GetObjectA
SetTextAlign
LineTo
DeleteObject
SetStretchBltMode
SetTextColor
CreateCompatibleDC
GetPixel
CreateFontIndirectA
SaveDC
SelectPalette
GetTextMetricsA
RestoreDC
RectVisible
GetClipBox
DeleteDC
SetMapMode
PatBlt
CreatePen
GetDeviceCaps
GetStockObject
CreatePalette
SelectObject
CreateSolidBrush

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Evdwqdst
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Ttvwjbkm
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a1c256a8246de0a8ccf2885881d5411

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Evdwqdst Size: 512B - Virtual size: 4KB

.rdata Size: 24KB - Virtual size: 24KB

Ttvwjbkm Size: 512B - Virtual size: 4KB

.data Size: 102KB - Virtual size: 102KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 10KB - Virtual size: 10KB

Evdwqdst
Size: 512B - Virtual size: 4KB

.rdata
Size: 24KB - Virtual size: 24KB

Ttvwjbkm
Size: 512B - Virtual size: 4KB

.data
Size: 102KB - Virtual size: 102KB

.rsrc
Size: 28KB - Virtual size: 28KB