Static task: static1
Behavioral task: behavioral1
Sample: 71e1c067bdbfa8406af10963456276d2_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 71e1c067bdbfa8406af10963456276d2_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 71e1c067bdbfa8406af10963456276d2_JaffaCakes118
Size: 112KB
MD5: 71e1c067bdbfa8406af10963456276d2
SHA1: 6e09f44e2415c2df7eec553328daf8ab5a3135e5
SHA256: 1dd9881103cbcdeff12ad7c3ed143f0a0d7dcfef13a7a21b0452c448b1fd000e
SHA512: 9d4e4c5bf94c2f08016915accfbf09fea84fb71b916a1ccd47944f2a0254c7056654f74f2544064fee8a861a0221bf48f0a5b852414d504770c8e2d6cca1a2b5
SSDEEP: 1536:06WwbloD2b7GV6b9JJ4wpp1tpO9/lRx/snGZVlBUAJn3CYEPaXt7+dSC7:toD2b7GV6bjLpntg8GZeAJ/N+dSC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 71e1c067bdbfa8406af10963456276d2_JaffaCakes118
Files
71e1c067bdbfa8406af10963456276d2_JaffaCakes118.exe windows:5 windows x86 arch:x86
06a093e556081e72e2ed174ba8aabec3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
    lstrcmpiW
    lstrlenA
    CopyFileA
    DeleteFileA
    RemoveDirectoryA
    QueryPerformanceCounter
    lstrcmpiA
    GetCommandLineA
    GetModuleHandleA
    lstrcmpA
    RemoveDirectoryW
    FindClose
    GetWindowsDirectoryA
    GetSystemTime
    GlobalFindAtomA
    lstrlenW
    VirtualAlloc
    VirtualFree
user32
    GetDesktopWindow
    CharNextA
    GetParent
    GetSystemMetrics
    GetDC
    TranslateMessage
gdi32
    CreatePalette
    RectVisible
    DeleteDC
    GetPixel
    RestoreDC
    GetDeviceCaps
    SelectObject
    GetObjectA
    GetStockObject
    CreateFontIndirectA
    SetTextAlign
    CreateCompatibleDC
    DeleteObject
    SetMapMode
    CreateSolidBrush
    SetTextColor
    GetTextMetricsA
    SetStretchBltMode
glu32
    gluNurbsCallback
Sections
.text Size: 29KB - Virtual size: 29KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 52KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 28KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ