Static task
static1
Behavioral task
behavioral1
Sample
95f11d633f0acb48daba51634513cc0e_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
95f11d633f0acb48daba51634513cc0e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
95f11d633f0acb48daba51634513cc0e_JaffaCakes118
Size
110KB
MD5
95f11d633f0acb48daba51634513cc0e
SHA1
ca8d582ff772b79b77820606fbb705940267d0ed
SHA256
1963040286f73e19c405315ddb3d080650cc7074c5b6c4a77394638fee175def
SHA512
6a2069a0c10da5ec7e10ace243fab57b7cc16fcff4a0e1ed0e3b50acecd898dcd38bb1eeecaddc827ab3633cdca60d4e6b74d03246c021d0093e329af659b382
SSDEEP
1536:4dFQOe8nHPhWQaRjpoCB9jt2jQuMzveXUnZKoXGY+3iBfLPDxxBBx:4M6HiRu/0LmUZKoXGcDxxBBx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 95f11d633f0acb48daba51634513cc0e_JaffaCakes118
Files
95f11d633f0acb48daba51634513cc0e_JaffaCakes118.exe windows:4 windows x86 arch:x86
e4885a8f140873d642aadb0d5f18a0e9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTime
DeleteFileA
GetModuleHandleA
RemoveDirectoryW
FindClose
lstrcmpA
QueryPerformanceCounter
RemoveDirectoryA
lstrlenW
GlobalFindAtomA
lstrcmpiA
lstrlenA
CopyFileA
GetWindowsDirectoryA
lstrcmpiW
VirtualAlloc
GetCommandLineA
VirtualFree
user32
GetDesktopWindow
CharNextA
GetDC
GetSystemMetrics
GetParent
TranslateMessage
gdi32
SetStretchBltMode
CreateSolidBrush
GetClipBox
GetStockObject
GetObjectA
SetTextColor
RestoreDC
SelectPalette
GetPixel
CreateCompatibleDC
RectVisible
CreateFontIndirectA
SetTextAlign
DeleteObject
SetMapMode
SelectObject
DeleteDC
GetDeviceCaps
GetTextMetricsA
CreatePalette
LineTo
glu32
gluNurbsCallback
Sections
.text Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ