cfb6e24afda2a5c6f4c8b40e14562935_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfb6e24afda2a5c6f4c8b40e14562935_JaffaCakes118
Size

112KB
MD5

cfb6e24afda2a5c6f4c8b40e14562935
SHA1

7762ea697af6bc485aa4966021b564ec402dd9b0
SHA256

413cb00b16462faf06aedc867a618efe87e492ffd18b4959f58dc4a11a952055
SHA512

f2da66db62074f4538dbcc068c0c41c8101d3816e3b857061ff49933a8a3e6a9a10af205c61d385c3fef02f121285856c37a2c3dcbd185d297f0d33df51ae3a0
SSDEEP

1536:/XYV8WWHS5vJBA/8nu7EsNUDF8/YY4zvn6AEoQvUQuHoEweMvPRW76K3l+3Q4Zxx:/Ielf/8cgF0YYUn6pvoxMnzE4Zx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfb6e24afda2a5c6f4c8b40e14562935_JaffaCakes118

Files

cfb6e24afda2a5c6f4c8b40e14562935_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4769bee8f2ecdbfc7bac8b753f1dee92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomA
GetModuleHandleA
lstrcmpiA
GetCommandLineA
RemoveDirectoryA
QueryPerformanceCounter
GetSystemTime
VirtualAlloc
lstrcmpA
VirtualFree
lstrcmpiW
GetWindowsDirectoryA
RemoveDirectoryW
FindClose
CopyFileA
lstrlenA
lstrlenW

user32

GetDesktopWindow
CharNextA
GetDC
GetSystemMetrics
TranslateMessage
GetParent

gdi32

CreateCompatibleDC
GetClipBox
CreatePalette
DeleteObject
GetStockObject
GetDeviceCaps
CreateSolidBrush
RestoreDC
DeleteDC
LineTo
SelectObject
SetMapMode
SelectPalette
GetObjectA
CreateFontIndirectA
SetStretchBltMode
SetTextAlign
GetTextMetricsA
RectVisible
GetPixel
SetTextColor

glu32

gluNurbsCallback

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE