Static task: static1
Behavioral task: behavioral1
Sample: 0dade92667c5c9640c9fca3d43f45e9f_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 0dade92667c5c9640c9fca3d43f45e9f_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 0dade92667c5c9640c9fca3d43f45e9f_JaffaCakes118
Size: 111KB
MD5: 0dade92667c5c9640c9fca3d43f45e9f
SHA1: ae22a25c9e61bdf79da89eeddadf7475d406f6da
SHA256: cab3e81cef08415967d39d2cdb66a664ba3aefd6b4dce69bb828e59f2674c944
SHA512: 9a16f3b08a81a08f48aa3f7fe78df8ac8e528299c66805d0379f507858727a50d08f613dcb10a63d866814770d0f190624d17dbb7854201d6f5a72d52bcadf54
SSDEEP: 1536:uA4NdruNEJ3yizFPXD4wSZbbRn8gU6pL7VpC/veLyODS5oBUukxzPbJhA39PVztJ:4NANqZyZR8L07eeGODUoBQ5tT3WiU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0dade92667c5c9640c9fca3d43f45e9f_JaffaCakes118
Files
0dade92667c5c9640c9fca3d43f45e9f_JaffaCakes118.exe windows:4 windows x86 arch:x86
5fed948e6cdb83292b792de67f1f4dd9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
lstrlenW
GlobalFindAtomA
DeleteFileA
lstrcmpiA
RemoveDirectoryW
GetSystemTime
FindClose
GetWindowsDirectoryA
GetModuleHandleA
lstrcmpiW
lstrcmpA
RemoveDirectoryA
CopyFileA
QueryPerformanceCounter
GetCommandLineA
VirtualAlloc
VirtualFree
gdi32
SetTextColor
RectVisible
GetObjectA
SelectPalette
SetTextAlign
LineTo
DeleteObject
GetStockObject
CreateSolidBrush
SelectObject
CreatePalette
DeleteDC
CreateCompatibleDC
RestoreDC
SetMapMode
GetClipBox
CreateFontIndirectA
SaveDC
GetDeviceCaps
SetStretchBltMode
user32
TranslateMessage
GetParent
GetDesktopWindow
CharNextA
GetSystemMetrics
GetDC
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ