15d8ff090f3a047c1dad1076e1736862_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15d8ff090f3a047c1dad1076e1736862_JaffaCakes118
Size

104KB
MD5

15d8ff090f3a047c1dad1076e1736862
SHA1

21ea6df6c8b2192245086ee76e4d93d8361eff4e
SHA256

963845c31392565fb1d00542a9665ad8221b3cc7512c15a107cda2f7fe6c9611
SHA512

170667ea3a51bb86e33836451dac66083a36511bc7a592f3fe24871f75ad281cfdf0c46f0f328aa9d6065df73f67cc4ed352cfabb87f39e72d2e991bf82d1704
SSDEEP

1536:3p+Qn+qUYbPg/NkfvBO4UuW9dS8BYN1CyNNhT+WvdoBAYpyMPi6ECI4V+jvIR:3UHq3DmNkXBor9UHvXhQB9pyE+jvIR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15d8ff090f3a047c1dad1076e1736862_JaffaCakes118

Files

15d8ff090f3a047c1dad1076e1736862_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c11a4e456373589bf7ebe211d33f0a14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
GetSystemMetrics
CharNextA
GetParent
GetDC
GetDesktopWindow

kernel32

GlobalFindAtomA
RemoveDirectoryA
lstrcmpiW
CopyFileA
lstrlenW
GetSystemTime
QueryPerformanceCounter
GetModuleHandleA
GetCommandLineA
RemoveDirectoryW
FindClose
GetWindowsDirectoryA
lstrcmpA
lstrcmpiA
DeleteFileA
VirtualAlloc
lstrlenA
VirtualFree

gdi32

CreatePalette
CreateCompatibleDC
SetTextAlign
SetMapMode
GetClipBox
GetPixel
GetDeviceCaps
LineTo
CreateSolidBrush
SetStretchBltMode
DeleteObject
GetStockObject
CreateFontIndirectA
GetTextMetricsA
RectVisible
SaveDC
SetTextColor
GetObjectA
RestoreDC
SelectObject

glu32

gluNurbsCallback

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ