Static task: static1
Behavioral task: behavioral1
Sample: 3a79c08c1b71c51223558047fed66337_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 3a79c08c1b71c51223558047fed66337_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3a79c08c1b71c51223558047fed66337_JaffaCakes118
Size: 105KB
MD5: 3a79c08c1b71c51223558047fed66337
SHA1: 49ae487b73062aa34d3e1eec295f2ac1b138855d
SHA256: cb181347b8a2d730be4d971d65092cdbce714b26b09b89f480a8b28f9be5f21a
SHA512: 15c5200c4105cf78d769dabee0e1dcb9789c617f26852a630b57a9dbd6e4fe41a95b2980a40a13ac76168031c975ce04603bac0b6a27cdcc63b19a894cb6bd47
SSDEEP: 1536:gPpl8UkeFwUt2yf9GkXN5GQGhlPqdviexV9hADD+xxj4iDfWS+AVhjX0ia:c9kNU9ZGNPsviexV9unQEAVhj2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3a79c08c1b71c51223558047fed66337_JaffaCakes118
Files
3a79c08c1b71c51223558047fed66337_JaffaCakes118.exe windows:4 windows x86 arch:x86
314532838d8b6b18b3845f7724779933
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetDC
GetSystemMetrics
GetParent
CharNextA
TranslateMessage
GetDesktopWindow
kernel32
GetWindowsDirectoryA
GetSystemTime
lstrlenW
GetModuleHandleA
lstrcmpiW
lstrlenA
DeleteFileA
QueryPerformanceCounter
RemoveDirectoryW
FindClose
RemoveDirectoryA
GlobalFindAtomA
lstrcmpA
GetCommandLineA
CopyFileA
lstrcmpiA
VirtualAlloc
VirtualFree
gdi32
DeleteObject
SetStretchBltMode
GetObjectA
RectVisible
GetTextMetricsA
CreateFontIndirectA
DeleteDC
SaveDC
CreatePalette
LineTo
SetMapMode
RestoreDC
SetTextColor
GetDeviceCaps
GetStockObject
SelectObject
CreateCompatibleDC
SelectPalette
SetTextAlign
GetClipBox
GetPixel
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ