71c3054e2c9bd1c76a0949f9d8ed2d8c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71c3054e2c9bd1c76a0949f9d8ed2d8c_JaffaCakes118
Size

105KB
MD5

71c3054e2c9bd1c76a0949f9d8ed2d8c
SHA1

28eaa655187b9238fd6ee7a70f42396af5354fa7
SHA256

978906c6aa203ea8c3145fd519e3f8ca3c2cf50464e55743474653b5e3526b9d
SHA512

db24a40b4c22131b6a792a1ef9be364b8ff88872075f70a608a373671e634bcf2293b9064abcf2e114c2a2fad9c9b294f704605bee92ad951196616c95c5b10e
SSDEEP

1536:LA4m+WRUwxDN7SM9sQfyInUD8OOCAalaus3i9ErwGlQ4LkH8:Hm+WRJhMjnoOOCtNCQ4LkH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71c3054e2c9bd1c76a0949f9d8ed2d8c_JaffaCakes118

Files

71c3054e2c9bd1c76a0949f9d8ed2d8c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ce62bceacd2f172e223032e6ca4606cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GlobalFindAtomA
QueryPerformanceCounter
RemoveDirectoryW
DeleteFileA
FindClose
GetSystemTime
lstrcmpiA
lstrcmpiW
lstrlenA
GetWindowsDirectoryA
CopyFileA
RemoveDirectoryA
lstrlenW
GetModuleHandleA
lstrcmpA
VirtualAlloc
VirtualFree

gdi32

GetStockObject
RestoreDC
GetTextMetricsA
SetTextAlign
DeleteDC
LineTo
SetMapMode
DeleteObject
CreateFontIndirectA
SetStretchBltMode
SaveDC
RectVisible
SetTextColor
GetPixel
CreateCompatibleDC
GetClipBox
CreatePalette
SelectObject
CreateSolidBrush
SelectPalette
GetDeviceCaps
GetObjectA

user32

CharNextA
GetDesktopWindow
GetDC
GetParent
GetSystemMetrics
TranslateMessage

glu32

gluNurbsCallback

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ