182598c7bf643da00fe7c99e63e299a1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

182598c7bf643da00fe7c99e63e299a1_JaffaCakes118
Size

60KB
MD5

182598c7bf643da00fe7c99e63e299a1
SHA1

0a3a83eef68b52a290ba2e7bb88fbdce380197b7
SHA256

44da3dd6e094a963293f53f0a79a449eda0b92ec99e619ed34b89af10e91403c
SHA512

6b9665e3c806f124ab559ca2038f94cbffe84e499566aee6a5e7c497322e9714af228adcde7265dd13c9956b0c0eeb6510e49a88e32d6c65996609c69233b1db
SSDEEP

1536:Yrwe2Ko4ujVfQKEJOIsb40r2Ta23dOsAyf:YUe/uxtEJOjrr2TJ3dOsAyf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
182598c7bf643da00fe7c99e63e299a1_JaffaCakes118

Files

182598c7bf643da00fe7c99e63e299a1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c2aa81e7ea567c99d675531a707d8088

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

LineTo
SaveDC
GetObjectA
SetTextColor
PatBlt
DeleteDC
DeleteObject
RestoreDC
SetWindowExtEx

user32

GetParent
TranslateMessage
ShowWindow
DispatchMessageA
GetDC
CharNextA

kernel32

SetCurrentDirectoryA
MulDiv
VirtualAlloc
GetThreadLocale
RemoveDirectoryA
VirtualFree

glu32

gluTessCallback

comctl32

InitCommonControls

Sections

.text
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Wsuhl Mb
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ