e13b9ed6cc055a6df654a752a30068ff_JaffaCakes118

General

Target

e13b9ed6cc055a6df654a752a30068ff_JaffaCakes118
Size

169KB
MD5

e13b9ed6cc055a6df654a752a30068ff
SHA1

74d8c6eaf784b09b1bddb152ce3e68fde4dc6066
SHA256

4219decbdb98371007416c5589c755a424e7252ae2450e8e9f90f02119cd6215
SHA512

8180a168d0cd9549f84460a8348d169d2e2240e1c585c88f852ba03efc4cf8d384170247964b269389d608d4c97848d16429066790f9a9d2dca6b4db82dd3440
SSDEEP

3072:o9lxPdkOsTDatpWdEZogkKtcK6QtDRlr2KivgOK+6RMsjV6:ylfiT/dEZoDB0tJ28OKXo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e13b9ed6cc055a6df654a752a30068ff_JaffaCakes118

Files

e13b9ed6cc055a6df654a752a30068ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e394aa91c80a7a9dad5553a8e1134dd5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
GetTickCount
GetStartupInfoA
GetThreadLocale
GetModuleHandleA
MulDiv
CopyFileA
GetCommandLineA
DeleteFileW
lstrcmpiA
GetCommandLineW
SetCurrentDirectoryA
GlobalFindAtomW
GetCurrentThreadId
DeleteFileA
lstrlenW
QueryPerformanceCounter
GlobalFindAtomA
lstrcmpA
GetOEMCP
GetDriveTypeA
GetACP
GetWindowsDirectoryA
VirtualAlloc
GetModuleHandleW
GetCurrentProcess
VirtualFree
GetUserDefaultLangID
GetProcessHeap
lstrlenA
RemoveDirectoryA
GetCurrentThread
GetCurrentProcessId
GetConsoleOutputCP
GetVersion
lstrcmpiW

gdi32

CreatePen
GetStockObject
PatBlt
SetTextColor
GetClipBox
CreateSolidBrush
CreatePalette
RectVisible
GetDeviceCaps
DeleteObject
SetTextAlign
CreateFontIndirectA
RestoreDC
SaveDC
SetStretchBltMode
CreateCompatibleDC
GetTextMetricsA
GetPixel
LineTo
SetMapMode
GetObjectA
SelectObject
DeleteDC

user32

CharNextA
GetDesktopWindow
GetDC
TranslateMessage
GetParent
GetSystemMetrics

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Ylpjd Nw
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Rbulagqh
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e394aa91c80a7a9dad5553a8e1134dd5

Headers

File Characteristics

Imports

kernel32

gdi32

user32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Ylpjd Nw Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Rbulagqh Size: 512B - Virtual size: 4KB

.data Size: 102KB - Virtual size: 101KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 11KB - Virtual size: 10KB

Ylpjd Nw
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Rbulagqh
Size: 512B - Virtual size: 4KB

.data
Size: 102KB - Virtual size: 101KB

.rsrc
Size: 28KB - Virtual size: 28KB