a5fd94d4204b41333c076165be41aefa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5fd94d4204b41333c076165be41aefa_JaffaCakes118
Size

109KB
MD5

a5fd94d4204b41333c076165be41aefa
SHA1

9e8c6142576331fde26530c483b530fff74ba637
SHA256

f0916c37d17c109ea2e4600ec033d390994cee0f7b5c5cc748b6d81697e6d706
SHA512

e96a993ee81a8d667b1f737ad18432dbae9e3f52a03b5350ef877773aae72219012970fc2a71a300b84dd39f4cb0c5c17c61c762966cd75b2e3392d70a38e095
SSDEEP

1536:1U0T2/3b5oGEFjDPzcEoT/ceEzC26DNRXeRcc1HLZiof2iKKd94KfgeqbAwii6El:1PDGUfK/Vl26JRXtoO/KCx5fV/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5fd94d4204b41333c076165be41aefa_JaffaCakes118

Files

a5fd94d4204b41333c076165be41aefa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df1053c57c357e95b86de25c5ea70679

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
lstrlenW
GetWindowsDirectoryA
QueryPerformanceCounter
GlobalFindAtomA
GetSystemTime
RemoveDirectoryW
FindClose
RemoveDirectoryA
lstrcmpiW
GetModuleHandleA
lstrcmpA
lstrcmpiA
lstrlenA
CopyFileA
GetCommandLineA
VirtualAlloc
VirtualFree

user32

GetSystemMetrics
GetDesktopWindow
TranslateMessage
GetDC
GetParent
CharNextA

gdi32

GetTextMetricsA
GetObjectA
SetTextAlign
CreateFontIndirectA
LineTo
SelectObject
SaveDC
SetTextColor
GetClipBox
DeleteDC
SelectPalette
GetPixel
CreatePalette
SetMapMode
SetStretchBltMode
RestoreDC
CreateSolidBrush
GetStockObject
CreateCompatibleDC

glu32

gluNurbsCallback

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE