Static task: static1
Behavioral task: behavioral1
Sample: ab1ef536df5441b14ccce84a982e1f04_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: ab1ef536df5441b14ccce84a982e1f04_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ab1ef536df5441b14ccce84a982e1f04_JaffaCakes118
Size: 116KB
MD5: ab1ef536df5441b14ccce84a982e1f04
SHA1: 677d581c340e5927f4c705f989a0c999a8c4a9ad
SHA256: 58ec74c87919a9333dfb48bf844685c5a57d90069960342f72c32513228c791d
SHA512: c7cab908e3a6a5fceefd3dc1f271cd13c05139b4648a4bbb621af01fc8cdecc3f6d91944545eb4aaa688c4ba31eed8e354271c681d840042e4df8a3360f2d060
SSDEEP: 3072:fAxdoVGLmj0meCMXIq0V8Xzzonx5TVMU:X4SQmSYq0V8HoL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ab1ef536df5441b14ccce84a982e1f04_JaffaCakes118
Files
ab1ef536df5441b14ccce84a982e1f04_JaffaCakes118.exe windows:5 windows x86 arch:x86
e873734e251f735894b66592ff006fd4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
SaveDC
DeleteDC
GetStockObject
SetMapMode
SetTextAlign
GetTextMetricsA
GetClipBox
SetStretchBltMode
CreatePalette
RectVisible
LineTo
RestoreDC
GetPixel
CreateCompatibleDC
GetObjectA
GetDeviceCaps
CreateSolidBrush
SelectObject
kernel32
GetCommandLineA
lstrcmpiW
GlobalFindAtomA
GetSystemTime
lstrlenA
GetWindowsDirectoryA
QueryPerformanceCounter
GetModuleHandleA
lstrcmpA
RemoveDirectoryA
RemoveDirectoryW
FindClose
DeleteFileA
CopyFileA
lstrlenW
VirtualAlloc
VirtualFree
user32
CharNextA
GetDesktopWindow
TranslateMessage
GetDC
GetParent
GetSystemMetrics
glu32
gluNurbsCallback
Sections
.text Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 54KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ