Static task: static1
Behavioral task: behavioral1
Sample: 973c42f4216e38d6ed42c3c6d0371cf7_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 973c42f4216e38d6ed42c3c6d0371cf7_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 973c42f4216e38d6ed42c3c6d0371cf7_JaffaCakes118
Size: 110KB
MD5: 973c42f4216e38d6ed42c3c6d0371cf7
SHA1: f68f9168ef6f1e7991a069ec1b4d0ddee38508ce
SHA256: 1a64bfb29b569d5133f14f47ef5d223edb0f0e7391dc3a2e3c7d8ed4a383385c
SHA512: c4bd08252694fe44639d57b7e005883e2959a59b0b37b76d2be2592dc82ae0f9a06791d35ca3afa8d25ac80f65235768427944a3c0e675948dde2c08ea320020
SSDEEP: 1536:3uV3biVpoIHESkIu1Bl/nT8HNeUN8jxmO5qJebunt1e0DEaRNYO+py:DVpoIkpIuT9isI8MnMbunNYO+o
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 973c42f4216e38d6ed42c3c6d0371cf7_JaffaCakes118
Files
973c42f4216e38d6ed42c3c6d0371cf7_JaffaCakes118.exe windows:5 windows x86 arch:x86
5a44c056116c5f9dfdbef4bf2f221081
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenW
RemoveDirectoryA
GlobalFindAtomA
lstrcmpiA
VirtualAlloc
DeleteFileA
lstrcmpiW
GetWindowsDirectoryA
QueryPerformanceCounter
VirtualFree
GetSystemTime
GetModuleHandleA
lstrcmpA
lstrlenA
RemoveDirectoryW
FindClose
GetCommandLineA
user32
GetDesktopWindow
GetParent
CharNextA
GetSystemMetrics
TranslateMessage
GetDC
gdi32
DeleteDC
RestoreDC
SetTextColor
SelectObject
GetClipBox
GetPixel
CreateFontIndirectA
CreatePalette
SetStretchBltMode
SaveDC
CreateSolidBrush
GetStockObject
GetDeviceCaps
SetMapMode
LineTo
DeleteObject
CreateCompatibleDC
GetTextMetricsA
glu32
gluNurbsCallback
Sections
.text Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ