ce6e9641778fe6bc24d7e7730fac781b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce6e9641778fe6bc24d7e7730fac781b_JaffaCakes118
Size

112KB
MD5

ce6e9641778fe6bc24d7e7730fac781b
SHA1

bbf02c36daf4ef7d1d318031b79978ba4a352bcd
SHA256

0849a3bb1cd4652bfea149c5b146203f08dbc6bbb6dfb92c8db6c7fbcda6480c
SHA512

8478a08995cdfe34c7522993ca7caebf546bb365acb7d171cb26a36cbe58d4910d45ff075e335add57f7d85b49d0ff307b59333d2869348b22181d2fcff0c98e
SSDEEP

3072:OPq6x2fdLk7zhk2RH7bScpGegKH2c8XO:Wq6OWyWuEy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce6e9641778fe6bc24d7e7730fac781b_JaffaCakes118

Files

ce6e9641778fe6bc24d7e7730fac781b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2460e3790ccc8b2079bf4e8d4e6be62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
DeleteFileA
lstrlenA
lstrcmpA
lstrcmpiW
CopyFileA
GlobalFindAtomA
GetSystemTime
RemoveDirectoryA
VirtualAlloc
lstrcmpiA
GetWindowsDirectoryA
GetCommandLineA
VirtualFree
RemoveDirectoryW
FindClose
QueryPerformanceCounter
GetModuleHandleA

user32

GetDesktopWindow
GetDC
GetSystemMetrics
TranslateMessage
GetParent
CharNextA

gdi32

GetTextMetricsA
GetObjectA
SetStretchBltMode
SelectObject
GetClipBox
LineTo
GetDeviceCaps
CreateFontIndirectA
SelectPalette
DeleteObject
CreateSolidBrush
SetTextAlign
SaveDC
DeleteDC
RectVisible
SetMapMode
SetTextColor
GetStockObject
CreatePalette
RestoreDC
GetPixel
CreateCompatibleDC

glu32

gluNurbsCallback

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bcvwwqi
Size: - Virtual size: 72KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE