Static task: static1
Behavioral task: behavioral1
Sample: 05d09feb4a8d61b5c2bc8ceb03cfacb8_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 05d09feb4a8d61b5c2bc8ceb03cfacb8_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 05d09feb4a8d61b5c2bc8ceb03cfacb8_JaffaCakes118
Size: 105KB
MD5: 05d09feb4a8d61b5c2bc8ceb03cfacb8
SHA1: f3cc9da78fc6019f4823d478f8d898c0e7c5cc0d
SHA256: 9380c726a8dc9cb38a2ff3800847e340f379bc92aada04d36af6d76d24ccc268
SHA512: 42de2fe70e1048ef7bdf5d32f39d466318f35bc89eb6a60d9cb31b30cf698284ecca20077ac28c40dab17b76f7965268b0639ada741baa5fe6f233e1fb7cfffb
SSDEEP: 1536:IFfFOQkbybyKPEKIPUaIeAwQXIyUDZixqtuvX4fAIz83iy+8Anegpl/4+:I1hkGbyqEK9eAVYFhwf4fAmnegr/4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 05d09feb4a8d61b5c2bc8ceb03cfacb8_JaffaCakes118
Files
05d09feb4a8d61b5c2bc8ceb03cfacb8_JaffaCakes118.exe windows:4 windows x86 arch:x86
8658dceec804cc4ea429471ca6a49ce6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcmpiW
RemoveDirectoryA
RemoveDirectoryW
DeleteFileA
FindClose
lstrcmpiA
lstrlenA
GetSystemTime
GetModuleHandleA
lstrcmpA
GetWindowsDirectoryA
GetCommandLineA
CopyFileA
lstrlenW
GlobalFindAtomA
QueryPerformanceCounter
VirtualAlloc
VirtualFree
gdi32
CreateFontIndirectA
CreatePalette
GetPixel
LineTo
GetTextMetricsA
CreateSolidBrush
SetStretchBltMode
SelectPalette
SetTextAlign
DeleteObject
RestoreDC
SetTextColor
SetMapMode
DeleteDC
SaveDC
GetClipBox
GetDeviceCaps
CreateCompatibleDC
RectVisible
GetStockObject
user32
GetSystemMetrics
GetDesktopWindow
TranslateMessage
GetDC
GetParent
CharNextA
glu32
gluNurbsCallback
Sections
.text Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ