1750a15c5d5ad68854ed7356f15680c9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1750a15c5d5ad68854ed7356f15680c9_JaffaCakes118
Size

106KB
MD5

1750a15c5d5ad68854ed7356f15680c9
SHA1

ee4d1609fadeacdde9e8b7b14e3ce0bcbb96c119
SHA256

195e6de44cfee6b8a53725ea788dd6c8357e1be5a9fc58ecc927684979a7c4e4
SHA512

d527e8d44cf487432dd7f8b115f93c15312ffa4125035e1041c915f69e163da104cde6a8d45ad417088a6ddd722e0cd56b71c778e9b8255ce131bdce1b8439d2
SSDEEP

3072:aYRcFwRR2bOuYw7dBscyhufIhD4b9LCuPy3RdCyf1Z:wFW0ZrsxBZYCu63v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1750a15c5d5ad68854ed7356f15680c9_JaffaCakes118

Files

1750a15c5d5ad68854ed7356f15680c9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

68d5e27b396c04f6c72d6df89b625601

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
GetParent
CharNextA
GetDesktopWindow
GetDC
TranslateMessage

gdi32

CreateCompatibleDC
RectVisible
GetClipBox
CreatePalette
SelectObject
SelectPalette
SetStretchBltMode
SaveDC
CreateFontIndirectA
CreateSolidBrush
SetMapMode
DeleteObject
GetTextMetricsA
GetDeviceCaps
GetObjectA
SetTextColor
SetTextAlign
DeleteDC
GetStockObject
RestoreDC
LineTo
GetPixel

kernel32

lstrcmpiA
lstrlenW
GetCommandLineA
lstrcmpA
lstrlenA
lstrcmpiW
RemoveDirectoryA
QueryPerformanceCounter
DeleteFileA
RemoveDirectoryW
FindClose
CopyFileA
GetSystemTime
GetModuleHandleA
GlobalFindAtomA
GetWindowsDirectoryA
VirtualAlloc
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nvlldmt
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE