2d38d67c3da5bfa993854e97f67a33da_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d38d67c3da5bfa993854e97f67a33da_JaffaCakes118
Size

150KB
MD5

2d38d67c3da5bfa993854e97f67a33da
SHA1

5bf8444ead540722f435278cf7a9efb93ee2360e
SHA256

384dd8eb813f8081ab08b12f1c683eb6d528f410198ad4ef28683f5317216b1e
SHA512

114b3d5d1bb7c8181f68c142c1fe4eb6c0cf1bbcdb4d7b6a67f055b7c5e6741af3fcfe5eaeca22edc1d18bb990f7e7ed0a441a669cc7fcf46ed8f7dfdecbfb4c
SSDEEP

3072:GkkW/hrFbbwqhV/5WobRNbSntjpwlWDzESQ:jNjv5FbSnFHDgN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d38d67c3da5bfa993854e97f67a33da_JaffaCakes118

Files

2d38d67c3da5bfa993854e97f67a33da_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e5151e5bd93882f5c97b5383cbba0699

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
IsDebuggerPresent
GetCurrentThread
GetModuleHandleW
GetConsoleOutputCP
GetWindowsDirectoryA
VirtualAlloc
GetCurrentProcess
GetCommandLineW
VirtualFree

user32

GetDC
GetSystemMetrics
TranslateMessage
GetParent
CharNextA
GetDesktopWindow
ShowWindow
DispatchMessageA

gdi32

SaveDC
GetPixel
CreateSolidBrush
PatBlt
MoveToEx
Rectangle
SetTextAlign
SelectObject
GetObjectA

glu32

gluTessCallback

comctl32

InitCommonControls

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Pcmkgfnr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ