Static task
static1
Behavioral task
behavioral1
Sample
0cc7ad3ab517e710aa855bf307107cb3_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
0cc7ad3ab517e710aa855bf307107cb3_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target: 0cc7ad3ab517e710aa855bf307107cb3_JaffaCakes118
Size: 112KB
MD5: 0cc7ad3ab517e710aa855bf307107cb3
SHA1: 1d6a32921799e165cbd96d93b3b1cf83bf132e12
SHA256: 974734dc7936b52f17b2006935386985722f729494b18acef0edb9ccfa048e66
SHA512: 0047faa3ee9368617c874fdd00535b4be41a785523619c4c3f6770a29756d44ee3a6db3345f943e04b7c4fcbd5e51542b8d947abf02eeed75b417b6a85de4655
SSDEEP: 1536:1juoL57JGr21p6l8ETHeMR1TjXKsUaosikykZZ/33iTEDgtRErgY3tv:JLarspHQBTj6s/riCbARErgYdv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0cc7ad3ab517e710aa855bf307107cb3_JaffaCakes118
Files
0cc7ad3ab517e710aa855bf307107cb3_JaffaCakes118.exe windows:5 windows x86 arch:x86
3688fa9df726522c0bf22975051dbd00
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileA
GetDriveTypeA
MulDiv
GetWindowsDirectoryA
SetCurrentDirectoryA
FindClose
GetCommandLineA
GetCurrentThreadId
GetCommandLineW
DeleteFileW
VirtualAlloc
GetCurrentThread
lstrcmpA
GlobalFindAtomW
VirtualFree
gdi32
CreatePen
SetTextAlign
GetObjectA
SetTextColor
DeleteObject
RectVisible
SaveDC
SetStretchBltMode
GetPixel
CreatePalette
LineTo
GetStockObject
DeleteDC
user32
GetParent
GetSystemMetrics
CharNextA
GetDC
GetDesktopWindow
TranslateMessage
glu32
gluNurbsCallback
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ