Static task: static1
Behavioral task: behavioral1
Sample: b1504b6f12bf8b909500b05badaedf89_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: b1504b6f12bf8b909500b05badaedf89_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b1504b6f12bf8b909500b05badaedf89_JaffaCakes118
Size: 107KB
MD5: b1504b6f12bf8b909500b05badaedf89
SHA1: 992e4da7cc911af34d987f48b65f76645548ba70
SHA256: 92d90cba6b29d3bd891119717299335415c64d51eb749f75fdbddbb6ccd7d123
SHA512: b579581ae83b60e9df412db98a569d78f255b88d245a09c7353e30c66dc0c255b05a04b867fdf71a0fb2d45f4a14e0d10df9b25093be425986fb854de538eb51
SSDEEP: 1536:w7zmQRdFT8xSLASnArspSO33lN14JVNgsXrzc8M0UBpbVb36SAel8UmI:Xud5VpArsFN14JR3B9UR8UmI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b1504b6f12bf8b909500b05badaedf89_JaffaCakes118
Files
b1504b6f12bf8b909500b05badaedf89_JaffaCakes118.exe windows:4 windows x86 arch:x86
e89afde31263c0870015c420b659c5fb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetDC
GetSystemMetrics
CharNextA
GetDesktopWindow
TranslateMessage
GetParent
gdi32
DeleteDC
CreateCompatibleDC
SetTextAlign
CreatePalette
DeleteObject
SelectObject
GetClipBox
GetDeviceCaps
SetStretchBltMode
CreateFontIndirectA
SaveDC
LineTo
CreateSolidBrush
RestoreDC
RectVisible
GetPixel
GetTextMetricsA
SelectPalette
GetStockObject
kernel32
GlobalFindAtomA
GetSystemTime
lstrlenW
QueryPerformanceCounter
lstrcmpiA
lstrcmpiW
VirtualAlloc
lstrlenA
GetModuleHandleA
GetCommandLineA
lstrcmpA
VirtualFree
CopyFileA
DeleteFileA
RemoveDirectoryA
GetWindowsDirectoryA
RemoveDirectoryW
FindClose
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ