1494ff106773491cbf131f7ebbebda88_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1494ff106773491cbf131f7ebbebda88_JaffaCakes118
Size

109KB
MD5

1494ff106773491cbf131f7ebbebda88
SHA1

eab6c2824edb2c9a870f533e878e050c4ff48b80
SHA256

397a0f439f554d8061ef23e2d575f05f334f3236c47d3844786775d36f205f76
SHA512

f43f4790afe2f3f838f88fc1e1253f6dd780cad324ce847d7a12cd5dcd6e547f6f3d8250757b2da32d8fad0eca46981ee90633ff17a83f008b669b1b70aafff7
SSDEEP

3072:BZ4gycEmQQ4J5vQG9pCtQ5LQ217IHzaQ3PoR+gF3P0:BCtQ4vvtpCyFLStPo5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1494ff106773491cbf131f7ebbebda88_JaffaCakes118

Files

1494ff106773491cbf131f7ebbebda88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f41d7606794dc47c7d630391cd63cf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
GetDesktopWindow
GetParent
GetDC
CharNextA
TranslateMessage

gdi32

SaveDC
DeleteDC
SetTextAlign
DeleteObject
SelectObject
CreateSolidBrush
GetClipBox
GetDeviceCaps
RestoreDC
GetObjectA
LineTo
SelectPalette
CreateCompatibleDC
SetStretchBltMode
GetPixel
GetStockObject
SetTextColor
CreateFontIndirectA
CreatePalette
RectVisible

kernel32

lstrcmpiA
RemoveDirectoryA
GetWindowsDirectoryA
GlobalFindAtomA
DeleteFileA
lstrlenW
GetSystemTime
lstrcmpA
QueryPerformanceCounter
CopyFileA
VirtualAlloc
GetCommandLineA
lstrlenA
VirtualFree
lstrcmpiW
GetModuleHandleA
RemoveDirectoryW
FindClose

glu32

gluNurbsCallback

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lrrhgex
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE