Static task: static1
Behavioral task: behavioral1
Sample: 7825808374b973a1ca19c60c04f76c9f_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 7825808374b973a1ca19c60c04f76c9f_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 7825808374b973a1ca19c60c04f76c9f_JaffaCakes118
Size: 115KB
MD5: 7825808374b973a1ca19c60c04f76c9f
SHA1: e45a290750723e6b153d4f4d17f03028b4de9406
SHA256: 1dbc0307ac785ba81f55bdf8e05baaea275eabc6dc0326077a1332922b16a52d
SHA512: e499b1dccf6a238e60c1917c80a2c7d5681cb418f0dae2379f39080c237fd7334abd50e26ef5c19181682daa5f08fc218e57fdc1b6f012a9a8bdf35bc3f77466
SSDEEP: 1536:H0rhKShVGB+MS5FyrGYFQJ0cPt8uHhpWQWXk4NzE1EaRwKui6OXYWeMmOV/g:ehKShVGBQFVecl8UTw0BxRWWeMmOB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7825808374b973a1ca19c60c04f76c9f_JaffaCakes118
Files
7825808374b973a1ca19c60c04f76c9f_JaffaCakes118.exe windows:4 windows x86 arch:x86
a563ff12a861bd4ee03bd004750e0843
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CharNextA
GetParent
TranslateMessage
GetDC
GetDesktopWindow
GetSystemMetrics
kernel32
CopyFileA
GetCommandLineA
DeleteFileA
QueryPerformanceCounter
lstrcmpiW
GetWindowsDirectoryA
lstrlenA
lstrlenW
RemoveDirectoryA
GlobalFindAtomA
GetModuleHandleA
VirtualAlloc
VirtualFree
RemoveDirectoryW
FindClose
lstrcmpiA
GetSystemTime
gdi32
GetPixel
CreateSolidBrush
DeleteDC
RestoreDC
CreateCompatibleDC
DeleteObject
GetDeviceCaps
SelectObject
GetStockObject
SetTextAlign
LineTo
SaveDC
SetStretchBltMode
SetTextColor
GetClipBox
CreatePalette
GetObjectA
GetTextMetricsA
RectVisible
SetMapMode
CreateFontIndirectA
SelectPalette
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ