Static task: static1
Behavioral task: behavioral1
Sample: 074ce6434675f89e49def102e052372a_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 074ce6434675f89e49def102e052372a_JaffaCakes118.exe
Resource: win10v2004-20240226-en
General
Target: 074ce6434675f89e49def102e052372a_JaffaCakes118
Size: 103KB
MD5: 074ce6434675f89e49def102e052372a
SHA1: effdb8dcf9f484bcdfdb1a45a46f2878445d3708
SHA256: 49491473220e82f25bd04e297ca0db2dcfbb6a6dd92bacd7d18e8738c87cc2dd
SHA512: a6f7b358bb801eb73e513fe4d5d3d65372edde13c2cf93a78a0b804f64b6f69dcbfd2d06311022f47ad887f2874fe660f2007c94df77d9a9f68839a7367dacba
SSDEEP: 3072:6mhfZh55IjuzRKQfHJWAh1pd+K9K9YgU:BZh53oCJn+oF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 074ce6434675f89e49def102e052372a_JaffaCakes118
Files
074ce6434675f89e49def102e052372a_JaffaCakes118.exe windows:5 windows x86 arch:x86
b3e815677812c46b9052643ca9652406
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CharNextA
TranslateMessage
GetSystemMetrics
GetDC
GetParent
GetDesktopWindow
kernel32
lstrlenW
GetWindowsDirectoryA
lstrlenA
RemoveDirectoryA
GetCommandLineA
lstrcmpA
GetModuleHandleA
CopyFileA
RemoveDirectoryW
DeleteFileA
FindClose
lstrcmpiA
lstrcmpiW
GetSystemTime
QueryPerformanceCounter
VirtualAlloc
VirtualFree
GlobalFindAtomA
gdi32
DeleteObject
GetPixel
GetClipBox
CreateSolidBrush
SelectObject
CreateCompatibleDC
CreateFontIndirectA
SetMapMode
SaveDC
GetTextMetricsA
SetStretchBltMode
GetObjectA
GetDeviceCaps
RectVisible
SelectPalette
RestoreDC
GetStockObject
DeleteDC
LineTo
SetTextColor
glu32
gluNurbsCallback
Sections
.text Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 47KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ