605fb627ff410b3743efd478bf744d52_JaffaCakes118 | Triage

Sharing

General

Target

605fb627ff410b3743efd478bf744d52_JaffaCakes118
Size

109KB
MD5

605fb627ff410b3743efd478bf744d52
SHA1

61a1a00fc00d5f4870763e778e84b4b2c2c3da49
SHA256

1ba54c14994728d75bab4f2df2ea361dc2dfa37c81b6a89f87adf072e0ebf101
SHA512

794ce9ac8a35ad84a85a5a61afdde17a2705b1502b9e9d8c463c3401a6edebf4de8e430b6e363a78f00bffc892d768b31829be3529cc9a74d38d0c46aa8bef86
SSDEEP

1536:CgtpfozrydmEshKyGNttl5b3ebhgIWvIRzFez4jV73LMErNR5qwMub:CSfroZhKZ75b3IegezwHR5qwMu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
605fb627ff410b3743efd478bf744d52_JaffaCakes118

Files

605fb627ff410b3743efd478bf744d52_JaffaCakes118
.exe windows:5 windows x86 arch:x86

70abf5414fe7ec3256d0985380904fbd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
lstrlenA
GetWindowsDirectoryA
CopyFileA
lstrcmpA
lstrcmpiW
lstrlenW
GlobalFindAtomA
DeleteFileA
QueryPerformanceCounter
GetCommandLineA
VirtualAlloc
VirtualFree
RemoveDirectoryW
GetSystemTime
FindClose
GetModuleHandleA
lstrcmpiA

gdi32

GetPixel
CreatePalette
CreateCompatibleDC
RectVisible
SetTextAlign
SetTextColor
DeleteObject
GetStockObject
SaveDC
SelectObject
LineTo
CreateFontIndirectA
SelectPalette
RestoreDC
CreateSolidBrush
SetStretchBltMode
SetMapMode
GetObjectA
GetClipBox
DeleteDC
GetDeviceCaps

user32

TranslateMessage
GetSystemMetrics
GetParent
GetDesktopWindow
CharNextA
GetDC

glu32

gluNurbsCallback

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ