479ec06ffc316da74eb5e38245e408e2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

479ec06ffc316da74eb5e38245e408e2_JaffaCakes118
Size

107KB
MD5

479ec06ffc316da74eb5e38245e408e2
SHA1

001ee0e0ee51e01a1ec9045b4e5351683a113475
SHA256

85cec9efb48863789cceaa260282ed9ca03e1c8103cd6ec3abc45e7a0517e0b3
SHA512

ac6df059a468021314c63ebef5ddf78c28502d55f29b5992b46cf3d7614fe1d38293e703068dc4505da68f96aa5020abba0fb37cca68e24aae5351ebbfe1a5e2
SSDEEP

3072:Msfc4xhnwh9tgh7T7sWRH5g57g78dAbWlr303IX:Pfc4xWh96hni5k8dw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
479ec06ffc316da74eb5e38245e408e2_JaffaCakes118

Files

479ec06ffc316da74eb5e38245e408e2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0e8ce0e3a6e5429f19a4af36bc0cd4a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
GlobalFindAtomA
RemoveDirectoryA
lstrlenA
DeleteFileA
lstrcmpiA
lstrcmpiW
RemoveDirectoryW
FindClose
GetModuleHandleA
GetWindowsDirectoryA
QueryPerformanceCounter
lstrlenW
GetCommandLineA
lstrcmpA
VirtualAlloc
VirtualFree

gdi32

GetClipBox
DeleteDC
SaveDC
SetMapMode
DeleteObject
SetStretchBltMode
RestoreDC
GetStockObject
CreateCompatibleDC
GetPixel
CreatePalette
SetTextColor
SelectObject
RectVisible
SelectPalette
LineTo
GetTextMetricsA
CreateFontIndirectA
GetObjectA
GetDeviceCaps
CreateSolidBrush

user32

TranslateMessage
GetSystemMetrics
GetDC
GetDesktopWindow
GetParent
CharNextA

glu32

gluNurbsCallback

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

psifnnc
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE