Static task
static1
Behavioral task
behavioral1
Sample
61164dd6cd8a9309ac4e4d09d1d75e93_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
61164dd6cd8a9309ac4e4d09d1d75e93_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
61164dd6cd8a9309ac4e4d09d1d75e93_JaffaCakes118
Size
110KB
MD5
61164dd6cd8a9309ac4e4d09d1d75e93
SHA1
58163031305fcafebd3c0e8d2aefb4003cc7a8b3
SHA256
17d2930db582d8e1993392281fa0c9e5b63fedd62016aa04677b5d045fceb2e7
SHA512
981a6a6d654fd976f0fc49a317c4811112c6306795b434c8d651ce58b458882fc79cc63610da48bd8d8105f795e45914ab01f0c9eaa2a178ce3f6047e515fdcb
SSDEEP
1536:qjikV05wgJiffIpmnUX7AruVQvPLnHVhF0GvkGLmL9Yi6E0r+TC90o:qOk6egrz0VzHN04km7+O90o
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 61164dd6cd8a9309ac4e4d09d1d75e93_JaffaCakes118
Files
61164dd6cd8a9309ac4e4d09d1d75e93_JaffaCakes118.exe windows:5 windows x86 arch:x86
a4483c4579b79c8b2720d7928f789183
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetDC
GetParent
CharNextA
GetSystemMetrics
GetDesktopWindow
TranslateMessage
kernel32
RemoveDirectoryA
lstrcmpA
GlobalFindAtomA
DeleteFileA
GetCommandLineA
lstrlenW
RemoveDirectoryW
FindClose
CopyFileA
GetSystemTime
GetModuleHandleA
GetWindowsDirectoryA
lstrcmpiW
QueryPerformanceCounter
lstrlenA
VirtualAlloc
VirtualFree
gdi32
GetObjectA
GetStockObject
RestoreDC
SaveDC
SetStretchBltMode
SetTextColor
CreateCompatibleDC
GetDeviceCaps
SelectObject
LineTo
GetPixel
DeleteDC
CreatePalette
DeleteObject
CreateFontIndirectA
GetClipBox
RectVisible
GetTextMetricsA
SetMapMode
SelectPalette
glu32
gluNurbsCallback
Sections
.text Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ