3f5c69c8ca02210fafbbbef6ef9cf39c_JaffaCakes118 | Triage

Sharing

General

Target

3f5c69c8ca02210fafbbbef6ef9cf39c_JaffaCakes118
Size

108KB
MD5

3f5c69c8ca02210fafbbbef6ef9cf39c
SHA1

8c9d76034f12f58861d50116dd3d4fdf10eb2a6a
SHA256

d7ba544d53b08c418ea3af57a71d6e8554110dd3f3b65e5d3b0aea024cd00f5a
SHA512

064553953f883e8bdba22f37863e377dacd06ac6859afca325a1fbedd7ff9e348de4dc77c3ba4806cafcda1f5f01a35e50040a4df8bc0d9cbcee1138274ea051
SSDEEP

1536:A2cGsk+KqhkWMVBM5KU2vnpgpGA6Safn1a6wJQ50MWqrEXVx7W/HbHO1guEysjmb:ALGcslzU2Y6/njwJjEEXVx7Wtmurve

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f5c69c8ca02210fafbbbef6ef9cf39c_JaffaCakes118

Files

3f5c69c8ca02210fafbbbef6ef9cf39c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

294be8829e9a85471601925020a9946d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetSystemTime
lstrcmpiW
GlobalFindAtomA
lstrlenW
GetWindowsDirectoryA
GetCommandLineA
lstrlenA
CopyFileA
lstrcmpiA
VirtualAlloc
RemoveDirectoryA
GetModuleHandleA
VirtualFree
QueryPerformanceCounter
RemoveDirectoryW
FindClose
lstrcmpA

user32

TranslateMessage
GetParent
GetSystemMetrics
GetDC
CharNextA
GetDesktopWindow

gdi32

RectVisible
GetTextMetricsA
SetTextAlign
GetDeviceCaps
DeleteDC
DeleteObject
GetStockObject
SetStretchBltMode
RestoreDC
SelectObject
CreatePalette
GetPixel
CreateCompatibleDC
GetClipBox
CreateFontIndirectA
SetTextColor
SetMapMode
CreateSolidBrush
LineTo
GetObjectA
SelectPalette

glu32

gluNurbsCallback

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ