0f0fc84fd33d19b78fe509835fea6172_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f0fc84fd33d19b78fe509835fea6172_JaffaCakes118
Size

150KB
MD5

0f0fc84fd33d19b78fe509835fea6172
SHA1

26e8d821f5c3725a23dc0365fd50bffcf37be6ef
SHA256

8473172ef724b208934345b84ef15468470df9e4412b418aa057078d7d3ec086
SHA512

c97414ea5e9864b79d5e3272f32c1670074410541c09e1ce3300b428071f6ea91c6867cdb8a26fd7b2c0e144e76e146413958009cc8fbc3cf9093ca6137bf9c5
SSDEEP

3072:UgKYBGIAqRoO9jHeZTwu1poKFvCmjzuDV:UWB1lBsVUD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f0fc84fd33d19b78fe509835fea6172_JaffaCakes118

Files

0f0fc84fd33d19b78fe509835fea6172_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f176d2cc22f4216d7f948429ff596226

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreatePalette
SaveDC
SetBkMode
Rectangle
GetTextMetricsA
CreateSolidBrush
GetPixel
CreateCompatibleDC
RectVisible

kernel32

GetCommandLineA
GetCurrentThread
GetModuleHandleA
SetLastError
lstrcmpiA
GetDriveTypeA
lstrcmpA
VirtualAlloc
GetLastError
GetCurrentThreadId
VirtualFree

user32

CharNextA
DispatchMessageA
TranslateMessage
GetSystemMetrics

glu32

gluTessCallback

comctl32

InitCommonControls

Sections

.text
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Qbaml Il
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ