a3bf5d4b8bbe99e8a9d8879c0bb23445_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3bf5d4b8bbe99e8a9d8879c0bb23445_JaffaCakes118
Size

108KB
MD5

a3bf5d4b8bbe99e8a9d8879c0bb23445
SHA1

6b443a4101fe2d653a232c511cc3ca3ab88dbe84
SHA256

59966e3734453e8112e2bb6592a71e23fa88a40b0644db9a389fad94950c0a20
SHA512

da52a14c087714b9a8de1d1c8c91efce28394cbe84deb94e2e7513c5901d32ec876be48f06edf9a7f7172f82c883c20a1560869a0174489f72b52270916eeea8
SSDEEP

1536:hFf5pjcUvBYkbirqvAh3ncmaw3HNeX3A5eRFFoaxRi83iGkcpZUI1Fsdg:ZuUvBRXvG3cm33+A5ehFLUI1Fsd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3bf5d4b8bbe99e8a9d8879c0bb23445_JaffaCakes118

Files

a3bf5d4b8bbe99e8a9d8879c0bb23445_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd0f6aeca59ee2cbde2c048bbbbe8596

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
GetWindowsDirectoryA
lstrcmpiW
GetCommandLineA
GetModuleHandleA
RemoveDirectoryA
GlobalFindAtomA
lstrcmpiA
RemoveDirectoryW
FindClose
QueryPerformanceCounter
lstrlenA
GetSystemTime
CopyFileA
DeleteFileA
lstrlenW
VirtualAlloc
VirtualFree

gdi32

DeleteDC
GetStockObject
CreateFontIndirectA
SelectPalette
GetDeviceCaps
CreateCompatibleDC
GetObjectA
SetMapMode
RestoreDC
SetTextColor
RectVisible
SetTextAlign
GetPixel
CreatePalette
DeleteObject
SetStretchBltMode
GetTextMetricsA
CreateSolidBrush
SelectObject
LineTo

user32

GetDesktopWindow
CharNextA
GetParent
TranslateMessage
GetSystemMetrics
GetDC

glu32

gluNurbsCallback

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ