Static task: static1
Behavioral task: behavioral1
Sample: 321a657af253363b7d4e60be31c46a6c_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 321a657af253363b7d4e60be31c46a6c_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 321a657af253363b7d4e60be31c46a6c_JaffaCakes118
Size: 111KB
MD5: 321a657af253363b7d4e60be31c46a6c
SHA1: 7e7972a36587a49779d40769f5e1081a9bdc07c6
SHA256: 5add44f569350177167c1dfd640784d338ac63517c600e260383bf030eb62267
SHA512: 6dc665efec2f224ee3f05cde499860ce4279ac35bfba60e328ec128d32c2328e7ef74b649f8ea5b54be9d677b72a83260ac9272a35809cf6d3b606d9e473be44
SSDEEP: 3072:ffxEWMoYkKPbcYrlmg993Te/4zB3VSI9/Qvxi:fI1JP1l1L3jBrO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 321a657af253363b7d4e60be31c46a6c_JaffaCakes118
Files
321a657af253363b7d4e60be31c46a6c_JaffaCakes118.exe windows:4 windows x86 arch:x86
dd484839b19131c129112a42b20f5648
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenW
GetWindowsDirectoryA
DeleteFileA
GlobalFindAtomA
lstrcmpA
lstrlenA
CopyFileA
GetSystemTime
RemoveDirectoryA
lstrcmpiA
GetCommandLineA
RemoveDirectoryW
FindClose
lstrcmpiW
QueryPerformanceCounter
GetModuleHandleA
VirtualAlloc
VirtualFree
user32
GetParent
CharNextA
GetDC
GetDesktopWindow
TranslateMessage
GetSystemMetrics
gdi32
RectVisible
SetMapMode
SelectObject
GetDeviceCaps
CreateSolidBrush
GetTextMetricsA
CreatePalette
CreateCompatibleDC
DeleteObject
GetObjectA
RestoreDC
SelectPalette
SetTextColor
SaveDC
GetClipBox
GetStockObject
SetStretchBltMode
DeleteDC
CreateFontIndirectA
LineTo
glu32
gluNurbsCallback
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ