Static task: static1
Behavioral task: behavioral1
Sample: d56a8b0ea2acd0c37a4906bd040e6deb_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d56a8b0ea2acd0c37a4906bd040e6deb_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d56a8b0ea2acd0c37a4906bd040e6deb_JaffaCakes118
Size: 133KB
MD5: d56a8b0ea2acd0c37a4906bd040e6deb
SHA1: c0c57ed257cab6567278d34b0f08d3b553ddfc9b
SHA256: 9688a0b3d2311612ce0695f2c08b6fd5ef4d2cddd4e7606e5118d6d0a9abaa6c
SHA512: 8604698b9dbd2f3ce715837691c6cc68522a0491435dd4f9b77bf840ee03cd4333977c74b708087e6a80f0a43396d32ee17b9a60a1ae483c3baf28676f827225
SSDEEP: 3072:BjxXZMi9/ufh6JRIKmiooCsW7TBAFPTzm63WBd8Ej:BtXL9/u6zza7TwFWP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d56a8b0ea2acd0c37a4906bd040e6deb_JaffaCakes118
Files
d56a8b0ea2acd0c37a4906bd040e6deb_JaffaCakes118.exe windows:5 windows x86 arch:x86
c3bba787eaa531219f5cb3a81ade1efe
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetWindowsDirectoryA
DeleteFileA
GlobalFindAtomA
GetCommandLineA
lstrcmpiW
GetSystemTime
lstrcmpA
CopyFileA
lstrlenA
RemoveDirectoryA
QueryPerformanceCounter
lstrlenW
lstrcmpiA
VirtualAlloc
GetModuleHandleA
VirtualFree
RemoveDirectoryW
FindClose
gdi32
DeleteDC
CreatePalette
GetTextMetricsA
SetTextAlign
CreateSolidBrush
SetStretchBltMode
GetClipBox
RestoreDC
CreateFontIndirectA
SelectPalette
LineTo
SelectObject
GetObjectA
SetTextColor
SaveDC
CreateCompatibleDC
RectVisible
GetStockObject
GetDeviceCaps
user32
GetParent
GetDC
CharNextA
TranslateMessage
GetSystemMetrics
GetDesktopWindow
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 53KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE