Static task: static1
Behavioral task: behavioral1
Sample: 5f82486bc134d2971af23a7e0e0cf549_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 5f82486bc134d2971af23a7e0e0cf549_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5f82486bc134d2971af23a7e0e0cf549_JaffaCakes118
Size: 148KB
MD5: 5f82486bc134d2971af23a7e0e0cf549
SHA1: 0b0d4a8f0798bbbbfd9e4ff17fe442c96e2ab567
SHA256: 57765a5e3f7a3942f9d732aa43788dd8f7ef6b58675289a8e6ebaa5daf15ccde
SHA512: 9ac2c5c301876610ee0b0f40373b30f78d43f485edd925cd2be75ba7f4136fc3fd5623f8d7c8e46dda5703d5f53551a0fd1ca8b9883f525f0d87b916bbdd7a51
SSDEEP: 3072:xiIsvOAij+EqffPPPPPPP8xe66PUYHAO7k2:xiHOAaq3PPPPPPPue/suk
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 5f82486bc134d2971af23a7e0e0cf549_JaffaCakes118
Files
5f82486bc134d2971af23a7e0e0cf549_JaffaCakes118.exe windows:4 windows x86 arch:x86
2a2646cd0d47365c0d2e558bd08d2d55
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcmpA
GlobalFindAtomA
GetTickCount
VirtualAlloc
SetLastError
QueryPerformanceCounter
VirtualFree
lstrlenA
GetCommandLineW
GetModuleHandleA
lstrcmpiA
user32
GetSystemMetrics
ShowWindow
GetDesktopWindow
DispatchMessageA
GetParent
gdi32
SetTextAlign
GetClipBox
CreateCompatibleDC
SetMapMode
PatBlt
DeleteObject
glu32
gluTessCallback
comctl32
InitCommonControls
Sections
.text Size: 1024B - Virtual size: 807B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Vdwg, Wr Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ