d48d375510484a6bd4df1b17daf58422_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d48d375510484a6bd4df1b17daf58422_JaffaCakes118
Size

113KB
MD5

d48d375510484a6bd4df1b17daf58422
SHA1

812bda831ea0bbde7898e5efbaa45d636f493fc2
SHA256

434da456664c55d4f411ffb3b1447a44bcf3600ee294c24615647f637068dd8d
SHA512

bdf81e470f69226bde5aad0c7699ffa4fe43db2b7963e604429ae430b593f176f3b2a18ff7954c40e3aaf7b19288a84b78116e8fda93d179e35df04809e211cb
SSDEEP

3072:aa/8Zr/ZMuYQkYRGS/wGGGuYr+MgcYrQfwv4Z3JbM:TqXTZQhb25gZQfIe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d48d375510484a6bd4df1b17daf58422_JaffaCakes118

Files

d48d375510484a6bd4df1b17daf58422_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae2e918603d492033200198652120692

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
CharNextA
GetDC
GetSystemMetrics
GetDesktopWindow
GetParent

kernel32

CopyFileA
GetWindowsDirectoryA
DeleteFileA
lstrcmpiW
GetModuleHandleA
lstrlenW
lstrlenA
lstrcmpiA
GetCommandLineA
QueryPerformanceCounter
GetSystemTime
GlobalFindAtomA
RemoveDirectoryA
VirtualAlloc
lstrcmpA
VirtualFree
RemoveDirectoryW
FindClose

gdi32

RestoreDC
SetStretchBltMode
SetTextAlign
GetStockObject
SetMapMode
CreateCompatibleDC
SelectObject
CreateSolidBrush
GetDeviceCaps
SelectPalette
SaveDC
GetPixel
GetObjectA
GetClipBox
GetTextMetricsA
LineTo
CreatePalette
RectVisible
CreateFontIndirectA
SetTextColor

glu32

gluNurbsCallback

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE