Static task: static1
Behavioral task: behavioral1
Sample: 29f7ecd6471244f40e347392155eb649_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 29f7ecd6471244f40e347392155eb649_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 29f7ecd6471244f40e347392155eb649_JaffaCakes118
Size: 105KB
MD5: 29f7ecd6471244f40e347392155eb649
SHA1: 948d21f432916d4345e20b294c4b7f564b6f2ef0
SHA256: cc0e1ab2d5db28613678d7317cf1c0590239e6fad33534d936e75b1e0719300d
SHA512: 14a7e800f3db8132a1a89794924a033b1ada3d7eb17e4a39ae87c272ccc07e294ac529469d17f00733d87e9eb045d10ccd750831baa9d8437509112de4061fdd
SSDEEP: 3072:kCCYhjlegs/k6q43A3Kcxq4MNO2ip2EMzy6X:dpggs/k6q43A3KwMNO2oe
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 29f7ecd6471244f40e347392155eb649_JaffaCakes118
Files
29f7ecd6471244f40e347392155eb649_JaffaCakes118.exe windows:4 windows x86 arch:x86
775806cb86403f6998b849691f1a2d3f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
lstrcmpA
RemoveDirectoryA
lstrlenW
QueryPerformanceCounter
RemoveDirectoryW
CopyFileA
lstrcmpiA
FindClose
GetCommandLineA
DeleteFileA
VirtualAlloc
lstrcmpiW
VirtualFree
GetSystemTime
GetWindowsDirectoryA
lstrlenA
gdi32
RectVisible
SetTextAlign
SelectPalette
CreatePalette
RestoreDC
SetTextColor
CreateFontIndirectA
CreateSolidBrush
SaveDC
CreateCompatibleDC
SetStretchBltMode
GetPixel
SetMapMode
SelectObject
DeleteObject
GetObjectA
GetTextMetricsA
GetStockObject
GetDeviceCaps
DeleteDC
LineTo
GetClipBox
user32
TranslateMessage
CharNextA
GetDC
GetParent
GetSystemMetrics
GetDesktopWindow
glu32
gluNurbsCallback
Sections
.text Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ