5eeafd9bb52933a1d97b346acb9a1080_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5eeafd9bb52933a1d97b346acb9a1080_JaffaCakes118
Size

110KB
MD5

5eeafd9bb52933a1d97b346acb9a1080
SHA1

f3e85cb06217f3769b3f3fa6d7534ff72946b0a6
SHA256

eeaa445f3f10a966f5d0a045f5105116d6bfe7aec46acb6a1536bb663a744e60
SHA512

14887c39123660486fc021325ec72cae50be85d8453aca312f6e482a3813e556824df83fd6860d3b792449a560332fc8ef1f14cac19dcfdefd8f7f7ce0af99b6
SSDEEP

1536:HnYwcpAqh3NHDIX+/sfO0vK5STNqqSpwt2o1kPqf0tthFvbwhV63i68Xm+UY5j82:3cpAWNHDIXbvXNk62ikzl1whuY5j8eK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5eeafd9bb52933a1d97b346acb9a1080_JaffaCakes118

Files

5eeafd9bb52933a1d97b346acb9a1080_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8397a595e0c62d8da9aabe4221196452

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
lstrcmpiW
VirtualAlloc
GetModuleHandleA
RemoveDirectoryA
lstrlenA
VirtualFree
lstrcmpiA
QueryPerformanceCounter
lstrcmpA
GlobalFindAtomA
GetWindowsDirectoryA
CopyFileA
lstrlenW
DeleteFileA
GetSystemTime
RemoveDirectoryW
FindClose

gdi32

SetTextAlign
SetStretchBltMode
CreateFontIndirectA
SelectObject
CreatePalette
GetClipBox
SelectPalette
GetObjectA
SaveDC
SetTextColor
LineTo
SetMapMode
DeleteObject
GetTextMetricsA
GetDeviceCaps
CreateSolidBrush
GetStockObject

user32

CharNextA
GetDesktopWindow
GetParent
GetSystemMetrics
GetDC
TranslateMessage

glu32

gluNurbsCallback

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wtdnegy
Size: 29KB - Virtual size: 72KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE