Static task: static1
Behavioral task: behavioral1
  Sample: 2db6c0c10b395d9ad3662e7927eb52ec_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 2db6c0c10b395d9ad3662e7927eb52ec_JaffaCakes118.exe
  Resource: win10v2004-20240704-en
General
Target: 2db6c0c10b395d9ad3662e7927eb52ec_JaffaCakes118
Size: 119KB
MD5: 2db6c0c10b395d9ad3662e7927eb52ec
SHA1: 35cddad9443e85395f500cfc2894d5f2cc954ec4
SHA256: 5b7e59fbabfd3ae7047cb93e92a34622bc7e4c5550221b08811013da09a39c1d
SHA512: db0f5e285ee006cb6196f8c0c32230595abe75591970640108456e3fa298a95bc29d6f3206526ea33e711d036641827a816f9f0906b964f0844c29f8ebac8d15
SSDEEP: 3072:/7rkzoUBVBrENIdkQ9vPXAEVezAtHPAifqMgHo:/3G3fzANEtH7Jg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2db6c0c10b395d9ad3662e7927eb52ec_JaffaCakes118
Files
2db6c0c10b395d9ad3662e7927eb52ec_JaffaCakes118.exe windows:4 windows x86 arch:x86
ec8afdece7037f17e89ca1d93b1030bb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
CreateCompatibleDC
SetStretchBltMode
GetObjectA
LineTo
CreateFontIndirectA
CreatePalette
GetStockObject
RestoreDC
GetTextMetricsA
CreateSolidBrush
GetClipBox
GetDeviceCaps
RectVisible
SetTextColor
GetPixel
SetTextAlign
DeleteDC
SaveDC
DeleteObject
SelectObject
SetMapMode
SelectPalette
kernel32
GetSystemTime
RemoveDirectoryA
lstrcmpiW
lstrlenA
GetCommandLineA
lstrlenW
DeleteFileA
lstrcmpA
GetModuleHandleA
RemoveDirectoryW
FindClose
GetWindowsDirectoryA
GlobalFindAtomA
VirtualAlloc
VirtualFree
user32
GetParent
GetDC
CharNextA
GetSystemMetrics
TranslateMessage
GetDesktopWindow
glu32
gluNurbsCallback
Sections
.text Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ