Static task: static1
Behavioral task: behavioral1
Sample: f67247bb0bdb62537a99cde3fdd20383_JaffaCakes118.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: f67247bb0bdb62537a99cde3fdd20383_JaffaCakes118.exe
Resource: win10v2004-20240412-en
General
Target: f67247bb0bdb62537a99cde3fdd20383_JaffaCakes118
Size: 108KB
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: f67247bb0bdb62537a99cde3fdd20383_JaffaCakes118
Files
f67247bb0bdb62537a99cde3fdd20383_JaffaCakes118.exe windows:5 windows x86 arch:x86
48d219c4b724caccaf78a286cf50fb26
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RemoveDirectoryA
GlobalFindAtomA
CopyFileA
lstrlenW
lstrcmpA
QueryPerformanceCounter
VirtualAlloc
GetWindowsDirectoryA
lstrcmpiA
DeleteFileA
lstrlenA
VirtualFree
lstrcmpiW
GetSystemTime
RemoveDirectoryW
FindClose
GetCommandLineA
GetModuleHandleA
gdi32
GetObjectA
GetTextMetricsA
GetStockObject
SetMapMode
DeleteDC
LineTo
DeleteObject
SetTextAlign
GetClipBox
RestoreDC
SelectPalette
GetDeviceCaps
SetTextColor
CreateSolidBrush
GetPixel
SaveDC
RectVisible
user32
CharNextA
GetDesktopWindow
GetSystemMetrics
GetDC
GetParent
TranslateMessage
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ