28390af4637f658b8fc2bbc861b6d371_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28390af4637f658b8fc2bbc861b6d371_JaffaCakes118
Size

118KB
MD5

28390af4637f658b8fc2bbc861b6d371
SHA1

37066ce26cb9fdb66c66acda71ca41062530e582
SHA256

c3aefee08ce48fea2a2ae8ae077b3e215b8c73980a39b910fb189327aa48c357
SHA512

acf863be8663a1f7050117264c6c4c06c1cbf54fae41d148a4e21c6c19eac6622ab675af540f4f024ad1e52f22b68bc62d370b5a07ca634fdb9e63996022d55c
SSDEEP

1536:phSQMh05I5p4ozO6meA+tf1pc28m74/Jk9HzjjfilI6EkAgXfRL6Z0:VJ524WOOA0dpcO7oJk1XfEXfB6Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28390af4637f658b8fc2bbc861b6d371_JaffaCakes118

Files

28390af4637f658b8fc2bbc861b6d371_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4a2576ac0add6309d6642f0dd49e4227

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
CharNextA
TranslateMessage
GetSystemMetrics
GetDC
GetDesktopWindow

kernel32

GetSystemTime
lstrcmpiA
RemoveDirectoryA
lstrlenW
GetCommandLineA
GlobalFindAtomA
VirtualAlloc
GetWindowsDirectoryA
VirtualFree
CopyFileA
GetModuleHandleA
DeleteFileA
RemoveDirectoryW
lstrcmpA
FindClose
lstrlenA
lstrcmpiW
QueryPerformanceCounter

gdi32

RectVisible
SetTextColor
LineTo
CreateCompatibleDC
SelectObject
DeleteDC
GetStockObject
SaveDC
GetTextMetricsA
CreatePalette
GetDeviceCaps
SetTextAlign
RestoreDC
SelectPalette
GetPixel
DeleteObject
SetStretchBltMode
CreateFontIndirectA
GetObjectA
SetMapMode

glu32

gluNurbsCallback

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ