0eddb1b300b29322bd4108c4c260d5a4_JaffaCakes118

General

Target

0eddb1b300b29322bd4108c4c260d5a4_JaffaCakes118
Size

116KB
MD5

0eddb1b300b29322bd4108c4c260d5a4
SHA1

6ce1ee2a82829239b023bfd37c390cde4e381786
SHA256

1e4e95d2f1a7ea10de9bc5fe2d7ac6f72fe51dd70fc2a8dfdc46169ad334d6ab
SHA512

05542713dd9b9dc7905b07bf048ff39f8d614e7360721d974444a82fcdc4a2a55b919398d3af92eeb37d0bdf91820a220238f5142f4352dd8c819691e4284e66
SSDEEP

1536:fWSQZjq/XNibe2JNtAnXMchMYo7VR9Y9adozL4ICuLTJynKPqrg:fWS2G/XEbe27tqXMoMYo7W95n4Kirg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0eddb1b300b29322bd4108c4c260d5a4_JaffaCakes118

Files

0eddb1b300b29322bd4108c4c260d5a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5fcda3aa5fc4c6decd18750e0722d97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
GetSystemMetrics
TranslateMessage
CharNextA
GetDesktopWindow

gdi32

DeleteDC
CreatePen
SaveDC
CreateSolidBrush
DeleteObject
GetDeviceCaps
CreatePalette
GetPixel
RectVisible
GetObjectA
CreateCompatibleDC
SelectPalette
SetMapMode
CreateFontIndirectA
SetStretchBltMode
RestoreDC
SetTextColor
GetClipBox
GetStockObject
PatBlt
LineTo
SetTextAlign
GetTextMetricsA
SelectObject
SetPixel

kernel32

DeleteFileW
DeleteFileA
GetCurrentProcessId
GetProcessHeap
QueryPerformanceCounter
GlobalFindAtomA
IsDebuggerPresent
GetCurrentThread
lstrcmpiA
GetWindowsDirectoryA
RemoveDirectoryA
GetDriveTypeA
SetCurrentDirectoryA
CopyFileA
GlobalFindAtomW
GetOEMCP
GetACP
GetThreadLocale
GetConsoleOutputCP
GetUserDefaultLangID
GetStartupInfoA
GetCommandLineW
GetCurrentThreadId
lstrlenW
lstrcmpiW
lstrlenA
GetModuleHandleA
GetVersion
GetCommandLineA
GetCurrentProcess
GetModuleHandleW
VirtualAlloc
VirtualFree
RemoveDirectoryW
GetTickCount
lstrcmpA
MulDiv

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5fcda3aa5fc4c6decd18750e0722d97

Headers

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 80KB - Virtual size: 80KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 14KB - Virtual size: 14KB