Static task: static1
Behavioral task: behavioral1
Sample: 2d78430a8f8a1ec5a8c205910ec5b14a_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2d78430a8f8a1ec5a8c205910ec5b14a_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2d78430a8f8a1ec5a8c205910ec5b14a_JaffaCakes118
Size: 113KB
MD5: 2d78430a8f8a1ec5a8c205910ec5b14a
SHA1: 4f2979ae5c1b531a96127d8b0165740cbb203f96
SHA256: 5b212d1576fd45e0823fd70d6e4ba5cbbc2b3282df68cf7f2c47a9ae01fdeb92
SHA512: 31ee96df42aef4a5f6ed23de03e6121932d9143a3a5dcdb2909b17b8e2443106659336308a6f8c63ea69290ea63e00f456ecf6cac6e31ded835d5589e5cedbf1
SSDEEP: 1536:mUjKA1DDNDHLEyNa+w5BdQ1ZZkfFku/lp1yRfQoD6N3i6EVOSO/9k:rjKwNDHgyG5BdcZZyNp16QoDCSO/9k
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2d78430a8f8a1ec5a8c205910ec5b14a_JaffaCakes118
Files
2d78430a8f8a1ec5a8c205910ec5b14a_JaffaCakes118.exe windows:5 windows x86 arch:x86
8e348108c59d79d99b63ca7a7eadbfbd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
SaveDC
SelectPalette
SetStretchBltMode
DeleteDC
SetTextAlign
CreateFontIndirectA
SelectObject
RectVisible
RestoreDC
GetTextMetricsA
GetDeviceCaps
GetStockObject
DeleteObject
SetTextColor
LineTo
CreateCompatibleDC
user32
GetDesktopWindow
CharNextA
GetSystemMetrics
GetParent
GetDC
TranslateMessage
kernel32
lstrcmpiA
lstrlenA
RemoveDirectoryA
CopyFileA
RemoveDirectoryW
FindClose
DeleteFileA
GetModuleHandleA
lstrcmpA
QueryPerformanceCounter
GetWindowsDirectoryA
lstrcmpiW
GetCommandLineA
VirtualAlloc
VirtualFree
GlobalFindAtomA
GetSystemTime
lstrlenW
glu32
gluNurbsCallback
Sections
.text Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ