Static task: static1
Behavioral task: behavioral1
Sample: ac6a4d4cb353319c6b3ac96d962f398d_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: ac6a4d4cb353319c6b3ac96d962f398d_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ac6a4d4cb353319c6b3ac96d962f398d_JaffaCakes118
Size: 106KB
MD5: ac6a4d4cb353319c6b3ac96d962f398d
SHA1: de44514a3d3f1911366803cade8bc75761618f32
SHA256: d7a89cc39eb9072da6a48b1fdb585bfd4767f54e4f351072d0d341abcc54bff0
SHA512: 60d3962ec682b61e3ccc981c7167334cdd0422353cb035982e40a03bfc5445bb8fef2ab18aae6f459ab92f7f1ca4d364ff5e680e9d5c8de7c291f9816f24764a
SSDEEP: 1536:/1IktExMQqGemAAV6gGtrvRCTTas0qDo/i1WR/DSkkKdQ83i6Nzh1UfKe:/rExMQqrFrvRCas04s/DSTK2oOfKe
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: ac6a4d4cb353319c6b3ac96d962f398d_JaffaCakes118
Files
ac6a4d4cb353319c6b3ac96d962f398d_JaffaCakes118.exe windows:4 windows x86 arch:x86
3796b35419884da1b226fb4d4e28b1c3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileA
DeleteFileA
lstrcmpiW
GetWindowsDirectoryA
GetCommandLineA
RemoveDirectoryW
lstrcmpA
FindClose
RemoveDirectoryA
QueryPerformanceCounter
GetModuleHandleA
GlobalFindAtomA
lstrcmpiA
lstrlenW
lstrlenA
GetSystemTime
VirtualAlloc
VirtualFree
gdi32
CreateSolidBrush
CreatePalette
GetDeviceCaps
DeleteObject
SelectObject
DeleteDC
GetTextMetricsA
SaveDC
GetClipBox
SetStretchBltMode
LineTo
SelectPalette
RestoreDC
SetTextAlign
GetObjectA
SetMapMode
GetStockObject
GetPixel
RectVisible
CreateFontIndirectA
SetTextColor
user32
GetSystemMetrics
GetDC
TranslateMessage
CharNextA
GetParent
GetDesktopWindow
glu32
gluNurbsCallback
Sections
.text Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 51KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ