Static task: static1
Behavioral task: behavioral1
  Sample: 1a856b83564baa8052f1b60a0b5f1206_JaffaCakes118.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 1a856b83564baa8052f1b60a0b5f1206_JaffaCakes118.exe
  Resource: win10v2004-20240611-en
General
Target: 1a856b83564baa8052f1b60a0b5f1206_JaffaCakes118
Size: 112KB
MD5: 1a856b83564baa8052f1b60a0b5f1206
SHA1: 9bd4957c362dcbf3f4393344e32c0db7a3580258
SHA256: db342fec7771e40d4c27bace12d6f9c409c3212df0eae8f9617b1e7fe3c1ba20
SHA512: f62444d95107216aae7e9fae8ce4724322bbdd921d855415473c5cb23828cc5ede7e4e11c08eb7958a90629fece7376500d4813fcb1faccd52c7081dcb46e6cf
SSDEEP: 1536:9mFyFneHBmZiUwoqhgbxZwuDiw7Kjbw7FkO+crzii6WoZml83x6iO2GidHW:9ky9eHBqi45Y+nObw5kFcrbIml7idHW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1a856b83564baa8052f1b60a0b5f1206_JaffaCakes118
Files
1a856b83564baa8052f1b60a0b5f1206_JaffaCakes118.exe windows:4 windows x86 arch:x86
f54c78f6d96916fd7c17d8bdd0c6143f
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
user32: GetSystemMetrics, GetDC, TranslateMessage, CharNextA, GetParent, GetDesktopWindow
kernel32: CopyFileA, GetSystemTime, GetModuleHandleA, lstrlenW, GetWindowsDirectoryA, QueryPerformanceCounter, GetCommandLineA, GlobalFindAtomA, RemoveDirectoryW, FindClose, lstrcmpA, DeleteFileA, lstrlenA, lstrcmpiA, RemoveDirectoryA, lstrcmpiW, VirtualAlloc, VirtualFree
gdi32: GetPixel, SetStretchBltMode, CreatePalette, DeleteDC, GetClipBox, GetTextMetricsA, SelectPalette, GetDeviceCaps, SetTextAlign, SetMapMode, LineTo, RectVisible, DeleteObject, SetTextColor, GetObjectA, GetStockObject, CreateFontIndirectA, CreateSolidBrush
glu32: gluNurbsCallback
Sections
.text (Size: 28KB, Virtual size: 28KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data (Size: 52KB, Virtual size: 51KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc (Size: 30KB, Virtual size: 30KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ