ded0f1ae2e8d7a11cd0a1c5edc1c201a_JaffaCakes118

General

Target

ded0f1ae2e8d7a11cd0a1c5edc1c201a_JaffaCakes118
Size

168KB
MD5

ded0f1ae2e8d7a11cd0a1c5edc1c201a
SHA1

8a9a33b78fc3711d97d4bdc086aea91c2a63fbfa
SHA256

1efb68ecb8a039444e43ebf2dd6834f98226a2eddc5356f9c0b60d3fde55f924
SHA512

707f5af6046a3d74ea749a7b592a4dd279c6b5f6324ba96bea95e87054e66ef785271fc5fdcc763df1f25d39a140e8fc7298079e7c1b6b78501981463c089293
SSDEEP

3072:1+7rk755IFufqdR3G14BJ4tvcIuRKmIxrCpgdX:1+U8we2aBJ4tDuR8r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ded0f1ae2e8d7a11cd0a1c5edc1c201a_JaffaCakes118

Files

ded0f1ae2e8d7a11cd0a1c5edc1c201a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fdf6abc499ac8dd137c225d9df722bdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

RestoreDC
GetStockObject
GetObjectA
RectVisible
SetTextAlign
SelectPalette
CreateSolidBrush
SetTextColor
GetTextMetricsA
GetClipBox
GetPixel
CreatePen
DeleteDC
CreateFontIndirectA
GetDeviceCaps
DeleteObject
PatBlt
CreateCompatibleDC
SaveDC
SetStretchBltMode
SetMapMode
CreatePalette
SelectObject
LineTo

kernel32

lstrlenW
GetStartupInfoA
GetModuleHandleA
GetCurrentThread
GetUserDefaultLangID
GlobalFindAtomA
GetCurrentProcessId
GetVersion
GetThreadLocale
GetCurrentProcess
GetWindowsDirectoryA
CopyFileA
GetProcessHeap
GlobalFindAtomW
SetCurrentDirectoryA
lstrlenA
GetOEMCP
GetACP
GetModuleHandleW
GetCommandLineA
lstrcmpA
RemoveDirectoryA
DeleteFileW
lstrcmpiW
GetCommandLineW
QueryPerformanceCounter
DeleteFileA
GetCurrentThreadId
MulDiv
lstrcmpiA
IsDebuggerPresent
VirtualAlloc
VirtualFree
GetTickCount

user32

CharNextA
TranslateMessage
GetSystemMetrics
GetParent
GetDesktopWindow
GetDC

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sadbbthr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Nwfcv Fc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fdf6abc499ac8dd137c225d9df722bdc

Headers

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Sadbbthr Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Nwfcv Fc Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 30KB - Virtual size: 29KB

.text
Size: 11KB - Virtual size: 10KB

Sadbbthr
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Nwfcv Fc
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 30KB - Virtual size: 29KB