d093c979d8b8b3ce17d20b8df7de6c3e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d093c979d8b8b3ce17d20b8df7de6c3e_JaffaCakes118
Size

115KB
MD5

d093c979d8b8b3ce17d20b8df7de6c3e
SHA1

e54d5f14b49d251567b4e676cd8fb897056055b9
SHA256

47c8ed79b278475c229fffa939d3edf2bd06cf8a27d1ff4a1da7ca67f9d87b0e
SHA512

f3ec14d1af56365cdf877e4864a667fbc2654427bac091200437dea65966f536f109ef1c5f57f0c891528c40988984be8d6fc58e5e7e0b24ae63ea7a705affa6
SSDEEP

3072:WoyRxipGRznIXy1+g36/wK1oJQ0aM9ghxh:Woy2p2Ii1FGwXo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d093c979d8b8b3ce17d20b8df7de6c3e_JaffaCakes118

Files

d093c979d8b8b3ce17d20b8df7de6c3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81cce1a4fbc3a885be1aa5be4d476a95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
DeleteFileA
CopyFileA
lstrlenA
lstrcmpiA
QueryPerformanceCounter
GetCommandLineA
GetWindowsDirectoryA
RemoveDirectoryW
FindClose
GlobalFindAtomA
lstrcmpA
GetSystemTime
RemoveDirectoryA
lstrlenW
VirtualAlloc
GetModuleHandleA
VirtualFree

user32

CharNextA
GetParent
GetDesktopWindow
GetSystemMetrics
GetDC
TranslateMessage

gdi32

SetTextColor
GetClipBox
CreateCompatibleDC
GetPixel
GetDeviceCaps
CreateFontIndirectA
GetStockObject
RestoreDC
SaveDC
DeleteDC
SetStretchBltMode
SelectObject
SetMapMode
SelectPalette
RectVisible
GetObjectA
CreatePalette
LineTo
CreateSolidBrush
GetTextMetricsA

glu32

gluNurbsCallback

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE