Static task
static1
Behavioral task
behavioral1
Sample
661947d93a9b61d08f6c4119760a2cb4_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
661947d93a9b61d08f6c4119760a2cb4_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
661947d93a9b61d08f6c4119760a2cb4_JaffaCakes118
Size
110KB
MD5
661947d93a9b61d08f6c4119760a2cb4
SHA1
52059ccc1f11beb5e96f42a683a42368beb22802
SHA256
57c9d845c4f528395ee651d5f074c0134c0044344041902f334b09ef60ff1be8
SHA512
59d7f53ab8b329523c997e28926e765bdab2ccfaa9449a7acffe7cd163dbadaeaa43434269f7461c2468bdc7811eaf43b2361314ab6db1e9fb94646fe78c4d8f
SSDEEP
3072:lX0jgwAJ+pzAbyEwtyGPC8Wtfq2bY/xl55v:o2+4v3+2bYx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 661947d93a9b61d08f6c4119760a2cb4_JaffaCakes118
Files
661947d93a9b61d08f6c4119760a2cb4_JaffaCakes118.exe windows:4 windows x86 arch:x86
1f103b7b089085b217c9b17dcc9cda91
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
RectVisible
GetObjectA
DeleteObject
SetStretchBltMode
SaveDC
RestoreDC
CreateCompatibleDC
SelectObject
CreateFontIndirectA
SetTextColor
GetDeviceCaps
CreatePalette
CreateSolidBrush
LineTo
SelectPalette
GetTextMetricsA
GetStockObject
SetTextAlign
GetClipBox
SetMapMode
user32
GetDesktopWindow
GetSystemMetrics
GetParent
CharNextA
TranslateMessage
GetDC
kernel32
lstrlenA
DeleteFileA
GlobalFindAtomA
lstrlenW
RemoveDirectoryA
RemoveDirectoryW
GetModuleHandleA
FindClose
lstrcmpiA
lstrcmpA
GetCommandLineA
GetWindowsDirectoryA
GetSystemTime
QueryPerformanceCounter
CopyFileA
lstrcmpiW
VirtualAlloc
VirtualFree
glu32
gluNurbsCallback
Sections
.text Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 50KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ