b3b9e512395bc249fe62091eb1619fc2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3b9e512395bc249fe62091eb1619fc2_JaffaCakes118
Size

101KB
MD5

b3b9e512395bc249fe62091eb1619fc2
SHA1

06bdde0d1c2bbca7875278ffe9844e8ced411aa3
SHA256

1a7ad7a58a701995167645403f8f6df7afa6ef55320e409f8849cbf03b2aff09
SHA512

80933f43895d1ec2f951ac6815dc2068d5e4a3446d3346e3796f65eec44e25917d56d1045ca3317b651cb0f31cca92e2fee353b4d7980d99b9cf8ede4c62b858
SSDEEP

1536:ZmkThJf6UOKexz2kMt7MzuWt0bJhJGoXIio2IVctmje6Lfc6EWSQlGXN5:ZZBOzxyeuzbJaTxEmPlG95

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3b9e512395bc249fe62091eb1619fc2_JaffaCakes118

Files

b3b9e512395bc249fe62091eb1619fc2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa967da7d6344dca4d965eadc0f5a946

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
GetSystemMetrics
GetParent
CharNextA
GetDesktopWindow
TranslateMessage

kernel32

lstrcmpiA
GetModuleHandleA
GetSystemTime
DeleteFileA
VirtualAlloc
GetWindowsDirectoryA
CopyFileA
QueryPerformanceCounter
lstrlenW
VirtualFree
lstrlenA
RemoveDirectoryA
RemoveDirectoryW
FindClose
lstrcmpiW
lstrcmpA
GetCommandLineA
GlobalFindAtomA

gdi32

CreateFontIndirectA
GetDeviceCaps
CreatePalette
DeleteObject
SetStretchBltMode
CreateCompatibleDC
SaveDC
SetTextColor
RectVisible
GetTextMetricsA
GetObjectA
LineTo
RestoreDC
SelectObject
GetClipBox
SelectPalette
GetStockObject
GetPixel
DeleteDC
SetTextAlign

glu32

gluNurbsCallback

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ