d1be16403f727a3476d2dddba36ca99f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1be16403f727a3476d2dddba36ca99f_JaffaCakes118
Size

150KB
MD5

d1be16403f727a3476d2dddba36ca99f
SHA1

d679898b8f4c09c3179a2616009e4e9b1af9ed5b
SHA256

32e253ead5c57f9b36acb7a5551bc5f38430470f8bc19a33136123bd153aee8d
SHA512

9ba85d9e58aa50066c8015ce031cc67701cb5920f81f751b5e4fb0ae26aff18ba9ee71c16d037b7d45970904ff4d35c108297453b3faf68d1e5064a9988e47db
SSDEEP

3072:/Z3xDEsCGkkcNFxMBIl1dTyoUNeK4tMXb:/ZxTvcaBIl1dyet

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1be16403f727a3476d2dddba36ca99f_JaffaCakes118

Files

d1be16403f727a3476d2dddba36ca99f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b8d44de9df4e5977761a601b0602ab28

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
GetParent
ShowWindow
TranslateMessage
GetSystemMetrics
DispatchMessageA

gdi32

GetTextMetricsA
GetClipBox
SelectPalette
GetPixel
CreateSolidBrush
MoveToEx
SetTextAlign
SetStretchBltMode
RestoreDC
SaveDC
CreateCompatibleDC
GetObjectA

kernel32

GetLastError
MulDiv
GetCurrentProcessId
VirtualAlloc
GetModuleHandleA
GetCurrentThreadId
GlobalFindAtomW
GetOEMCP
VirtualFree
GetCommandLineA
lstrlenA

glu32

gluTessCallback

comctl32

InitCommonControls

Sections

.text
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Pqwpdtwb
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ