8b6cf8fd6143a2639e8de13354755038_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b6cf8fd6143a2639e8de13354755038_JaffaCakes118
Size

148KB
MD5

8b6cf8fd6143a2639e8de13354755038
SHA1

62d8963d9ff560602964c0d28ecdd86c084e9033
SHA256

a07c2a938fa7a9f7a67411b17d8f4019967fd7e8a0a4cdbdf855ea6b2c2feb16
SHA512

8315890d3eb2880090abd67688499d33cf68c353b23510961a2f1a618c03b84cc3b453c3e367770de2e7417233052140b1a9c4f182b579b1ca980c095f431bf4
SSDEEP

3072:coXP4hk10vVhPCj63QSQ5wK2D/eDZpDl7EWkalaZYj:coUEs7aJqvm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b6cf8fd6143a2639e8de13354755038_JaffaCakes118

Files

8b6cf8fd6143a2639e8de13354755038_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d13d0cc003ec52bc6a105446b2c4118d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DispatchMessageA
GetSystemMetrics
TranslateMessage
ShowWindow
GetDC
GetDesktopWindow

gdi32

GetDeviceCaps
GetTextMetricsA
SetTextColor
SelectObject
DeleteObject
GetObjectA
SaveDC
CreateCompatibleDC
RestoreDC

kernel32

GetModuleHandleA
lstrcmpA
lstrcmpiW
VirtualAlloc
GetCurrentThread
GetVersion
VirtualFree

glu32

gluTessCallback

comctl32

InitCommonControls

Sections

.text
Size: 1024B - Virtual size: 966B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Csyrcc J
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ