2c6be508e54264b6363a1b350bfbbd3f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c6be508e54264b6363a1b350bfbbd3f_JaffaCakes118
Size

106KB
MD5

2c6be508e54264b6363a1b350bfbbd3f
SHA1

4094f71f5d9b2552766831043b53523574bc5f14
SHA256

ca2e99981956896c48092ea859224d7514bc3fa02056650fd75fb7f774cc145e
SHA512

92618beb063acaf4b8d0d0e8d6386ba6b1a32efb907432976387da57332e6f590ed2b1e1484081f7c3228e7aacb9520b62e20ce0854b991aa351b9ad890c6f53
SSDEEP

1536:0VXvQUxbXZ0uPkOPLIkPEF71DGRsoOG3dn3jhHcogAT8In1pNUWZ4:07T+uhpA7cpOsN3jhj1pNUWZ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c6be508e54264b6363a1b350bfbbd3f_JaffaCakes118

Files

2c6be508e54264b6363a1b350bfbbd3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f5747d7ce447220b11c7af503a8aa3a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
DeleteFileA
QueryPerformanceCounter
lstrcmpiW
RemoveDirectoryA
GetModuleHandleA
lstrcmpiA
GetWindowsDirectoryA
GetCommandLineA
lstrlenA
CopyFileA
GlobalFindAtomA
RemoveDirectoryW
FindClose
lstrlenW
lstrcmpA
VirtualAlloc
VirtualFree

gdi32

CreateCompatibleDC
GetStockObject
CreatePalette
LineTo
SetTextAlign
SetStretchBltMode
SetMapMode
CreateSolidBrush
CreateFontIndirectA
SelectObject
RestoreDC
SetTextColor
GetObjectA
GetDeviceCaps
GetClipBox
SelectPalette
GetTextMetricsA
RectVisible
DeleteDC

user32

GetParent
TranslateMessage
CharNextA
GetDC
GetDesktopWindow
GetSystemMetrics

glu32

gluNurbsCallback

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE