Static task: static1
Behavioral task: behavioral1
Sample: 48e92eded32e886819ed848fd2fa2d81_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 48e92eded32e886819ed848fd2fa2d81_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 48e92eded32e886819ed848fd2fa2d81_JaffaCakes118
Size: 72KB
MD5: 48e92eded32e886819ed848fd2fa2d81
SHA1: 227d2dd00320793d7db872f3df18289c2fe7cdba
SHA256: 2fb242d9a7e72b23b51e3d51961fe329aef0e2d38374d59b701a4f02efe8b06e
SHA512: 4b34821adcf2cffd626f3cfca9331290fb188542137e732b1cc4f83c37427b7d9977c8fa119147a0430e6fd4e2b79535cfbeb4d05885fee10eb23df873d8d5a8
SSDEEP: 1536:BAzF0D6C17zla3br4cptVURhKFyzBHlqrx3E1gW5T/XhuJF/B:myDTdzla33pf2nRl6UiWJ/xidB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 48e92eded32e886819ed848fd2fa2d81_JaffaCakes118
Files
48e92eded32e886819ed848fd2fa2d81_JaffaCakes118.exe windows:4 windows x86 arch:x86
9693411014fa6288f9998833f93a725e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
SetTextAlign
GetClipBox
RestoreDC
GetDeviceCaps
SetStretchBltMode
SelectPalette
GetObjectA
GetStockObject
GetPixel
SelectObject
CreateFontIndirectA
DeleteObject
RectVisible
CreatePalette
SetMapMode
SetTextColor
CreateSolidBrush
SaveDC
GetTextMetricsA
user32
CharNextA
GetParent
GetSystemMetrics
TranslateMessage
GetDesktopWindow
GetDC
kernel32
GetWindowsDirectoryA
lstrcmpiW
CopyFileA
GetCommandLineA
GetModuleHandleA
DeleteFileA
lstrlenA
RemoveDirectoryA
lstrcmpA
GlobalFindAtomA
lstrlenW
RemoveDirectoryW
FindClose
lstrcmpiA
GetSystemTime
QueryPerformanceCounter
VirtualAlloc
VirtualFree
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ