ef55c413ca0d6c3c78b1e6d70e6a2da6_JaffaCakes118

General

Target

ef55c413ca0d6c3c78b1e6d70e6a2da6_JaffaCakes118
Size

167KB
MD5

ef55c413ca0d6c3c78b1e6d70e6a2da6
SHA1

d848c0b7fe344e161ea89c7471964bc098e2fbac
SHA256

e044f51f3d5d6012ee1e02ba597b6117613e8a944e0db19a7aa68fea02b77bc2
SHA512

af77627ffd304078cfb05fa8064e219948a66590c3b8b5dc493414b6aa0e2cebfdac907be83acd45f6afb0670b5d256962168756ecb3eb0e279691c60f8c1e67
SSDEEP

3072:BKzPPNjjzjris4eSuxMbbgKPpdltaks8bK:BKh79Fhx0Uapkf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef55c413ca0d6c3c78b1e6d70e6a2da6_JaffaCakes118

Files

ef55c413ca0d6c3c78b1e6d70e6a2da6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ae9db95e50569b589729d85cc81aa26

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateFontIndirectA
SetMapMode
CreatePalette
RestoreDC
GetTextMetricsA
LineTo
SelectObject
CreateSolidBrush
GetStockObject
CreatePen
CreateCompatibleDC
SetTextColor
GetPixel
SetTextAlign
GetObjectA
RectVisible
SetStretchBltMode
SelectPalette
DeleteObject
DeleteDC
SaveDC
GetDeviceCaps
GetClipBox
PatBlt

user32

GetSystemMetrics
CharNextA
GetDesktopWindow
GetDC
GetParent
TranslateMessage

kernel32

GetACP
GetModuleHandleW
lstrlenA
SetCurrentDirectoryA
GetVersion
GetDriveTypeA
IsDebuggerPresent
VirtualAlloc
lstrlenW
GetCurrentProcess
DeleteFileA
VirtualFree
MulDiv
CopyFileA
GlobalFindAtomA
GetTickCount
RemoveDirectoryA
GetModuleHandleA
QueryPerformanceCounter
GlobalFindAtomW
lstrcmpiW
GetConsoleOutputCP
GetProcessHeap
GetStartupInfoA
lstrcmpiA
GetOEMCP
GetCommandLineW
GetWindowsDirectoryA
lstrcmpA
GetCommandLineA
GetThreadLocale
DeleteFileW
GetCurrentProcessId
GetUserDefaultLangID
GetCurrentThread

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Ikliq Ka
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Xiojhous
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ae9db95e50569b589729d85cc81aa26

Headers

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Ikliq Ka Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 26KB

Xiojhous Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 11KB - Virtual size: 11KB

Ikliq Ka
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 26KB

Xiojhous
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 26KB - Virtual size: 26KB