b249c5b8a1c2ffe91086a5e952c10db8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b249c5b8a1c2ffe91086a5e952c10db8_JaffaCakes118
Size

149KB
MD5

b249c5b8a1c2ffe91086a5e952c10db8
SHA1

85b7e31599d9d0bf490026ca499211907f5bd124
SHA256

ecb434703a93823552e059845e6ce066ba077d0d9e036c3c3520f7374ab4ede8
SHA512

e8fdaee3ea26fe3cb970091a8609f8e83da7555da8d11869f55103155097c693251fdaf1dbeac557ae4b24253cbd1baf78896a5237f50f04e15b612b23d917be
SSDEEP

1536:GaR1zmQMJ+NeN6Zrh0jIxq0BoyjjFDxk5H7lKF7wQId+skEvS:GaRiJC114+FD4x9QIQsC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b249c5b8a1c2ffe91086a5e952c10db8_JaffaCakes118

Files

b249c5b8a1c2ffe91086a5e952c10db8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e7eaf5f2df0dc01901c57bc6e38c5a03

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
TranslateMessage
GetDC
ShowWindow
GetSystemMetrics
GetDesktopWindow

kernel32

GlobalFindAtomA
VirtualAlloc
GetModuleHandleA
GetThreadLocale
GetTickCount
GetDriveTypeA
GetACP
SetLastError
VirtualFree
GlobalFindAtomW
GetProcessHeap
GetCurrentThread
lstrlenA
SetCurrentDirectoryA

gdi32

GetPixel
DeleteObject
GetClipBox
CreateCompatibleDC
GetDeviceCaps
CreateFontIndirectA
RectVisible
SelectObject

glu32

gluTessCallback

comctl32

InitCommonControls

Sections

.text
Size: 1024B - Virtual size: 890B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Dwibohbu
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ