9fcafbbe28c22323ac962a1aa5ee1737_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9fcafbbe28c22323ac962a1aa5ee1737_JaffaCakes118
Size

83KB
MD5

9fcafbbe28c22323ac962a1aa5ee1737
SHA1

c7799cbbfb1305192e48bb169ed6a88eebd63697
SHA256

17244ea7bb56c34478b8c236cefeaf606d23920786ce0003a917582cc0bf5e36
SHA512

37c120abc605760e9df9dee052dbf27ab02a5db042ba74ee0880a3b5016d721b3a17d4a6c82ace1c7a85afa4068b966e685e9bb7decc182aa11483d69a354207
SSDEEP

1536:tkF9E++8e9CeLSd5dzoz/3FztpH0Q97uoW5O7:CIXqeLtm5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9fcafbbe28c22323ac962a1aa5ee1737_JaffaCakes118

Files

9fcafbbe28c22323ac962a1aa5ee1737_JaffaCakes118
.exe windows:5 windows x86 arch:x86

022986d06045849620b5a41ca112a1e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreatePalette
GetStockObject
GetNearestPaletteIndex
LineTo
DeleteObject
CreateSolidBrush
SetStretchBltMode
SetTextColor
DeleteDC
SaveDC

user32

GetSystemMetrics
GetParent
GetDC
CharNextA
TranslateMessage

kernel32

GetProcessHeap
RemoveDirectoryW
QueryPerformanceCounter
GetCurrentProcess
GetUserDefaultLangID
GetStartupInfoA
lstrcmpiW
VirtualAlloc
GetCurrentThread
lstrcmpA
GetOEMCP
lstrlenW
VirtualFree

glu32

gluQuadricCallback

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ