Static task: static1
Behavioral task: behavioral1
Sample: b87e7a301fe4d34caa5b4db8ff11fe34_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: b87e7a301fe4d34caa5b4db8ff11fe34_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b87e7a301fe4d34caa5b4db8ff11fe34_JaffaCakes118
Size: 260KB
MD5: b87e7a301fe4d34caa5b4db8ff11fe34
SHA1: 19490b59e784cd7f36cde5ac9db72ff3e827390f
SHA256: 043cda188b58a84da5136d5097950d3044f2fcbd8c6aa4941f05777fab23df95
SHA512: a7240f99d09d75de92e2beb85f372fc071910656d4658119fd168a43f221369ad19882df52b206aff78db84fbc45305cb949e1bae96e33b3b9cb06b230085f38
SSDEEP: 6144:gbxgB4llo5G8a99cC5XkldoZbF9vmomsnJ:KxgB059BqoZbF9Ol
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b87e7a301fe4d34caa5b4db8ff11fe34_JaffaCakes118
Files
b87e7a301fe4d34caa5b4db8ff11fe34_JaffaCakes118.exe windows:4 windows x86 arch:x86
c85f0783c5a1e6d620be15c722004e5e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
MoveToEx
GetTextMetricsA
SetViewportOrgEx
EndPath
SetWindowExtEx
SelectPalette
RestoreDC
GetDeviceCaps
OffsetViewportOrgEx
EndDoc
SetBkMode
GetDCOrgEx
LineTo
GetPaletteEntries
ExcludeClipRect
user32
CharNextA
GetDesktopWindow
GetMessagePos
GetInputState
kernel32
lstrcmpA
GetModuleHandleW
RemoveDirectoryA
lstrlenW
GetCommandLineA
GetThreadLocale
MulDiv
GetTickCount
lstrcmpiW
DeleteFileA
GetUserDefaultLangID
CopyFileA
GetOEMCP
lstrcmpiA
IsDebuggerPresent
VirtualAlloc
SetCurrentDirectoryA
GetCurrentThread
GetConsoleOutputCP
comctl32
InitCommonControls
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 175KB - Virtual size: 174KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 79KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ