Static task: static1
Behavioral task: behavioral1
Sample: b23978a58ba391e4f32885312db1586c_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: b23978a58ba391e4f32885312db1586c_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b23978a58ba391e4f32885312db1586c_JaffaCakes118
Size: 111KB
MD5: b23978a58ba391e4f32885312db1586c
SHA1: 9d6cd7917919deb920a1cb614149b0fa9143b606
SHA256: 44313b6561ca36b89edd7706f7e931a5c891f452143c7ddcb688d7ebb67d1da3
SHA512: 8ab205be606514cf26984320672997dedbdbb90fb20e9a3662080ed604c132b89ebb95290fdf00568cf1d41a58fc9a4f97828fb4dc8569403238bde459ca7442
SSDEEP: 3072:2Tn1jPgTcliDRM6IsL6nA8p1zNNIPQRcs4U:2l4EwUsv8pdq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b23978a58ba391e4f32885312db1586c_JaffaCakes118
Files
b23978a58ba391e4f32885312db1586c_JaffaCakes118.exe windows:5 windows x86 arch:x86
11d4b4ca1dd2936fbee0018a30bea6c1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetParent
CharNextA
GetDesktopWindow
GetSystemMetrics
GetDC
TranslateMessage
gdi32
DeleteObject
GetStockObject
SaveDC
SelectPalette
SetMapMode
GetObjectA
DeleteDC
SetStretchBltMode
LineTo
SelectObject
RestoreDC
SetTextAlign
CreateCompatibleDC
GetPixel
GetTextMetricsA
CreatePalette
GetDeviceCaps
CreateFontIndirectA
kernel32
lstrlenA
QueryPerformanceCounter
CopyFileA
RemoveDirectoryW
lstrcmpA
GetSystemTime
FindClose
lstrcmpiW
GlobalFindAtomA
GetCommandLineA
lstrlenW
GetModuleHandleA
lstrcmpiA
VirtualAlloc
VirtualFree
RemoveDirectoryA
GetWindowsDirectoryA
DeleteFileA
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 50KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ