535f0a061893ed5c80bebf020d06add9_JaffaCakes118

General

Target

535f0a061893ed5c80bebf020d06add9_JaffaCakes118
Size

170KB
MD5

535f0a061893ed5c80bebf020d06add9
SHA1

25f989f28ab7faee394cbc3ca9dfe901fef1ad13
SHA256

b4935e96abb13bffb35fb649e28b2327a49c12b68a6f5fe113378185de977a3d
SHA512

6d29f5413b74947d55579882ab4563010f8bdfa1c3f2812a9eedeec12da6d54072d2624cac92dacc3dac5e489731300d6c8fe6d1870949c2c6be814e2d0adfb8
SSDEEP

3072:1OzdHTO/A0eU2nU/CVQFCL7RTxwuWcmghkg529:1Oh0n2nU/LE/R7Wx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
535f0a061893ed5c80bebf020d06add9_JaffaCakes118

Files

535f0a061893ed5c80bebf020d06add9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6bbd635f89d60f7ab02db4cf89575641

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreatePalette
CreateSolidBrush
DeleteDC
RestoreDC
SelectObject
SetMapMode
GetDeviceCaps
GetStockObject
RectVisible
GetClipBox
SelectPalette
SetStretchBltMode
DeleteObject
SetTextAlign
GetObjectA
SetTextColor
CreatePen
GetPixel
SaveDC
CreateCompatibleDC
PatBlt
GetTextMetricsA
LineTo
CreateFontIndirectA

user32

TranslateMessage
GetDesktopWindow
CharNextA
GetDC
GetParent
GetSystemMetrics

kernel32

GetVersion
SetCurrentDirectoryA
GetCurrentThread
GetTickCount
MulDiv
GetCommandLineA
DeleteFileW
GetCommandLineW
IsDebuggerPresent
GetWindowsDirectoryA
GetOEMCP
GetConsoleOutputCP
GetCurrentProcess
QueryPerformanceCounter
GetACP
GetDriveTypeA
CopyFileA
GetStartupInfoA
GlobalFindAtomA
RemoveDirectoryA
GetThreadLocale
GetModuleHandleA
GetCurrentThreadId
lstrlenW
GetCurrentProcessId
lstrcmpiW
lstrcmpA
GetUserDefaultLangID
lstrcmpiA
DeleteFileA
lstrlenA
GetProcessHeap
VirtualAlloc
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Gdhssidl
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Bnxos Jc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6bbd635f89d60f7ab02db4cf89575641

Headers

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Gdhssidl Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Bnxos Jc Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 11KB - Virtual size: 10KB

Gdhssidl
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Bnxos Jc
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 31KB - Virtual size: 31KB