a02cae1795a97cdb056770384bee1390_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a02cae1795a97cdb056770384bee1390_JaffaCakes118
Size

109KB
MD5

a02cae1795a97cdb056770384bee1390
SHA1

7fd7bb3797d449a64bba4703be75a035d92d2761
SHA256

c1d97735ce68fc8f1493c26d15fd0d31e5709d45430841df70ba372b1309c964
SHA512

beda9d881c643782d82c1e7bc23c20628837bfade6500dc4011561c608fdb0f6a9a164376b747b5a3cf5cb052ce1f7be5f49d2881efb4b05114764b51e5d4db5
SSDEEP

3072:WNxtJMspZOWInGHAoDCpBvcZE6D8JkKO:8njOKgoSvcZb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a02cae1795a97cdb056770384bee1390_JaffaCakes118

Files

a02cae1795a97cdb056770384bee1390_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4a386c509331e813b8783201c2870c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextMetricsA
GetDeviceCaps
CreatePalette
CreateSolidBrush
SetTextColor
CreateCompatibleDC
GetObjectA
SetMapMode
GetPixel
GetClipBox
DeleteDC
RestoreDC
LineTo
SaveDC
RectVisible
SetTextAlign
SelectObject
SetStretchBltMode
DeleteObject
GetStockObject

kernel32

RemoveDirectoryA
lstrcmpiA
GetModuleHandleA
VirtualAlloc
GetWindowsDirectoryA
lstrcmpiW
VirtualFree
CopyFileA
GlobalFindAtomA
lstrlenW
lstrcmpA
GetCommandLineA
QueryPerformanceCounter
lstrlenA
RemoveDirectoryW
FindClose
DeleteFileA

user32

TranslateMessage
GetParent
GetDC
GetSystemMetrics
GetDesktopWindow
CharNextA

glu32

gluNurbsCallback

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ