Static task
static1
Behavioral task
behavioral1
Sample
87a462f2c88f797b83f7e59fe3ae3a81_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
87a462f2c88f797b83f7e59fe3ae3a81_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
87a462f2c88f797b83f7e59fe3ae3a81_JaffaCakes118
Size
114KB
MD5
87a462f2c88f797b83f7e59fe3ae3a81
SHA1
c4f3de12676c21cbf3646d31e923a6ce0f372801
SHA256
5137fee3657374106ef7a114fb9d788d39d01d6872b8a350e121edfc4ae49722
SHA512
7fedb53866e52c1234dc56b28539f0aa4dc330ccfb6f4f816bb66e65c8140803eaf1e9953fff7b4b104a66283bf274942f4cb9e219f6eb57af1e68e3f5643076
SSDEEP
3072:HSwt/VS/td6OBMtCFY838qHZDYCxQEnB72Vjgw:3/VS/oCFY838+ZDYCn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 87a462f2c88f797b83f7e59fe3ae3a81_JaffaCakes118
Files
87a462f2c88f797b83f7e59fe3ae3a81_JaffaCakes118.exe windows:5 windows x86 arch:x86
63ee934877b6c21023134666d12e3174
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetSystemMetrics
GetDC
GetDesktopWindow
GetParent
CharNextA
TranslateMessage
gdi32
SetTextAlign
SelectObject
GetStockObject
SelectPalette
LineTo
CreateFontIndirectA
DeleteObject
SetMapMode
RestoreDC
GetClipBox
GetObjectA
GetPixel
CreateCompatibleDC
RectVisible
GetTextMetricsA
SetStretchBltMode
GetDeviceCaps
DeleteDC
SaveDC
kernel32
CopyFileA
lstrlenW
GetModuleHandleA
lstrcmpA
lstrlenA
VirtualAlloc
RemoveDirectoryA
GlobalFindAtomA
VirtualFree
GetWindowsDirectoryA
RemoveDirectoryW
GetSystemTime
GetCommandLineA
FindClose
QueryPerformanceCounter
lstrcmpiA
lstrcmpiW
DeleteFileA
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ