Static task
static1
Behavioral task
behavioral1
Sample
243b9bd9148166f574cec97892bcc868_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
243b9bd9148166f574cec97892bcc868_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
Target
243b9bd9148166f574cec97892bcc868_JaffaCakes118
Size
111KB
MD5
243b9bd9148166f574cec97892bcc868
SHA1
4ccf543fac899af5a552a311f9ede54aca0726d4
SHA256
59f201453f99f70c6108cb20ecefcbd44b767c480bdb2910d5516634d1948489
SHA512
03c45c146d195846e439e6dd1572eb8f90a710d1106dbb14ab14650e21d144a43550960274d27d730f8c54e3279c23c4ab0917059e24636d4f17f8128b05b24a
SSDEEP
3072:x4nNYuSmKsPCd3aSoxab+PTRmelLwGuT+Go:DTsiqHxlPNmeVD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 243b9bd9148166f574cec97892bcc868_JaffaCakes118
Files
243b9bd9148166f574cec97892bcc868_JaffaCakes118.exe windows:4 windows x86 arch:x86
f6fc777f4d04c5702606919f9c8aa008
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetDC
CharNextA
GetDesktopWindow
TranslateMessage
GetParent
GetSystemMetrics
kernel32
QueryPerformanceCounter
lstrcmpA
GetCommandLineA
GlobalFindAtomA
lstrcmpiW
CopyFileA
RemoveDirectoryA
lstrcmpiA
GetModuleHandleA
GetSystemTime
VirtualAlloc
VirtualFree
lstrlenW
GetWindowsDirectoryA
RemoveDirectoryW
lstrlenA
FindClose
DeleteFileA
gdi32
CreatePalette
SelectPalette
CreateCompatibleDC
LineTo
SetTextColor
GetClipBox
DeleteObject
SetMapMode
SaveDC
RestoreDC
CreateSolidBrush
CreateFontIndirectA
GetTextMetricsA
RectVisible
GetDeviceCaps
GetPixel
SetTextAlign
GetStockObject
SetStretchBltMode
GetObjectA
DeleteDC
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ