Static task: static1
Behavioral task: behavioral1
  Sample: 6478393613865b9f1d2e8a0f7d7a73fd_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 6478393613865b9f1d2e8a0f7d7a73fd_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 6478393613865b9f1d2e8a0f7d7a73fd_JaffaCakes118
Size: 116KB
MD5: 6478393613865b9f1d2e8a0f7d7a73fd
SHA1: e95ac44b618938ce91dfb421d19597b391712437
SHA256: 40fcd703b13c465190beb19c2d924cc4e92ca421160cc7c5c05662af620ff5df
SHA512: b733917b143de50d1def1db5baf02b0b5fe64cb8eb0eb57ce73cac214eb0e456dafbbf2b976211d0bc8de946700c0560a7a98d6980d77238d15875b4819db449
SSDEEP: 3072:Hy3FMkFAd17lLtYwS8UBbcYj/17F5vCaAi:rpG1To40N
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6478393613865b9f1d2e8a0f7d7a73fd_JaffaCakes118
Files
6478393613865b9f1d2e8a0f7d7a73fd_JaffaCakes118.exe windows:5 windows x86 arch:x86
3f6ac9d4d548ae7540f8e460d4f6de4e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
CreateFontIndirectA
CreatePalette
LineTo
SetTextColor
CreateCompatibleDC
DeleteDC
SelectObject
CreateSolidBrush
DeleteObject
GetObjectA
SaveDC
GetTextMetricsA
RectVisible
SetStretchBltMode
GetPixel
GetClipBox
GetDeviceCaps
SelectPalette
SetMapMode
GetStockObject
SetTextAlign
user32
GetSystemMetrics
TranslateMessage
GetDesktopWindow
CharNextA
GetParent
GetDC
kernel32
GetWindowsDirectoryA
lstrcmpiW
GlobalFindAtomA
RemoveDirectoryA
GetCommandLineA
QueryPerformanceCounter
CopyFileA
lstrcmpA
lstrcmpiA
GetSystemTime
lstrlenA
lstrlenW
RemoveDirectoryW
FindClose
GetModuleHandleA
VirtualAlloc
VirtualFree
glu32
gluNurbsCallback
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ