Static task: static1
Behavioral task: behavioral1
Sample: d59765cd7b613bcc9a7715faaca58854_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d59765cd7b613bcc9a7715faaca58854_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d59765cd7b613bcc9a7715faaca58854_JaffaCakes118
Size: 119KB
MD5: d59765cd7b613bcc9a7715faaca58854
SHA1: b01150d299affe0a1f1cdaf8107b4391a1c76383
SHA256: 1b3681f770c2569c3de9b1b56bfd2d6a16349488b24306dfb0f4de605977d4b7
SHA512: d527f82a0172c9af7456d0af715cfccfa6686cb3d591ff5c9894a33dc61daab9d4da0275243fb4a193952c2d4d3605e46c2ae3b2591b059dce7329b40aef735f
SSDEEP: 1536:0KGKxIomzkX6CZwRZeSSztKnCqUQS5R6fTxrbkqwwji70K3iqhLI0YU4Vz5:0KPxIrI0MSSwfxXkqwdA0YU45
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d59765cd7b613bcc9a7715faaca58854_JaffaCakes118
Files
d59765cd7b613bcc9a7715faaca58854_JaffaCakes118.exe windows:4 windows x86 arch:x86
23a00e6e6037c822ef9732f0b905963c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
lstrlenW
GetCommandLineA
QueryPerformanceCounter
CopyFileA
DeleteFileA
GlobalFindAtomA
GetWindowsDirectoryA
lstrcmpiW
lstrlenA
GetSystemTime
RemoveDirectoryW
FindClose
lstrcmpiA
lstrcmpA
RemoveDirectoryA
VirtualAlloc
VirtualFree
gdi32
CreateFontIndirectA
CreateCompatibleDC
SetTextAlign
GetTextMetricsA
SetMapMode
SelectPalette
DeleteObject
LineTo
SetStretchBltMode
SelectObject
GetStockObject
RectVisible
SaveDC
CreateSolidBrush
RestoreDC
GetClipBox
CreatePalette
SetTextColor
GetPixel
GetObjectA
GetDeviceCaps
user32
GetSystemMetrics
TranslateMessage
GetParent
GetDC
CharNextA
GetDesktopWindow
glu32
gluNurbsCallback
Sections
.text Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ