Static task
static1
Behavioral task
behavioral1
Sample
d358707a562f5946bc194a675b4c970e_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d358707a562f5946bc194a675b4c970e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: d358707a562f5946bc194a675b4c970e_JaffaCakes118
Size: 110KB
MD5: d358707a562f5946bc194a675b4c970e
SHA1: bbfc3e5e6036ad3329bedd3ba1361b214add382f
SHA256: 14da87fbeba24ffa6e47c4c9507b890ad0338d9502d272784774b4cd1fa8c019
SHA512: 6b02bc61fe7246ab70a4f070d6961f04f0d49c04707810737a7945b4b383e6c2e282232e226781516c8fd5ab30eab48c4a1258824ffa245afae7a46c6f000fb7
SSDEEP: 3072:JxAQ40Gp6F4i+XtkCg8t5MKlrmpvheQnj7/:woGpi4iUtkCgYlivhp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d358707a562f5946bc194a675b4c970e_JaffaCakes118
Files
d358707a562f5946bc194a675b4c970e_JaffaCakes118.exe windows:5 windows x86 arch:x86
be0b9212849a97b0635bd50f5c2de848
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CharNextA
TranslateMessage
GetParent
GetDesktopWindow
GetSystemMetrics
GetDC
gdi32
SetTextColor
SelectObject
GetObjectA
GetClipBox
RectVisible
CreateCompatibleDC
GetDeviceCaps
GetTextMetricsA
DeleteDC
SetMapMode
GetStockObject
SetTextAlign
DeleteObject
RestoreDC
CreateFontIndirectA
SetStretchBltMode
SaveDC
SelectPalette
CreateSolidBrush
kernel32
lstrcmpiW
RemoveDirectoryW
CopyFileA
QueryPerformanceCounter
FindClose
GetWindowsDirectoryA
GetSystemTime
lstrlenW
DeleteFileA
RemoveDirectoryA
VirtualAlloc
lstrcmpA
GetModuleHandleA
GlobalFindAtomA
VirtualFree
GetCommandLineA
lstrcmpiA
lstrlenA
glu32
gluNurbsCallback
Sections
.text Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ