b766e7a53b2a724f58c78fd8632f1c89_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b766e7a53b2a724f58c78fd8632f1c89_JaffaCakes118
Size

114KB
MD5

b766e7a53b2a724f58c78fd8632f1c89
SHA1

6b54d1f18ca83c451437d02330738f1b2a7dd068
SHA256

4c95f4bbf5fc2664314afbe6b9cd90f66c1ff761b18e71aa306449892543af6a
SHA512

7abc62b4b361388bf1a1708f1e8254289c891c6ee46a97b31b993d8196e7f8b7fd6d9b2f3e5769a1a4ff7ffeabf8a5830ad264b05f8a56ce7d2e90b07adc3c9a
SSDEEP

3072:qSwt/VS/td6OjMtCFY838qHZDYCxQEnB72Vjgw:I/VS/iCFY838+ZDYCn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b766e7a53b2a724f58c78fd8632f1c89_JaffaCakes118

Files

b766e7a53b2a724f58c78fd8632f1c89_JaffaCakes118
.exe windows:5 windows x86 arch:x86

63ee934877b6c21023134666d12e3174

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
GetDC
GetDesktopWindow
GetParent
CharNextA
TranslateMessage

gdi32

SetTextAlign
SelectObject
GetStockObject
SelectPalette
LineTo
CreateFontIndirectA
DeleteObject
SetMapMode
RestoreDC
GetClipBox
GetObjectA
GetPixel
CreateCompatibleDC
RectVisible
GetTextMetricsA
SetStretchBltMode
GetDeviceCaps
DeleteDC
SaveDC

kernel32

CopyFileA
lstrlenW
GetModuleHandleA
lstrcmpA
lstrlenA
VirtualAlloc
RemoveDirectoryA
GlobalFindAtomA
VirtualFree
GetWindowsDirectoryA
RemoveDirectoryW
GetSystemTime
GetCommandLineA
FindClose
QueryPerformanceCounter
lstrcmpiA
lstrcmpiW
DeleteFileA

glu32

gluNurbsCallback

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pepjbjm
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE