Static task
static1
Behavioral task
behavioral1
Sample
d6bc3dcb1df596905c412d90e33da02f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d6bc3dcb1df596905c412d90e33da02f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
d6bc3dcb1df596905c412d90e33da02f_JaffaCakes118
Size
65KB
MD5
d6bc3dcb1df596905c412d90e33da02f
SHA1
c3549de5b8bd421e91394ed9795e6734ca22fd8f
SHA256
95ad2bc77ff2be7b65700e756100c672479d2d633655d4de677762cdc7b3e729
SHA512
0561be4587f0e14a0ff45c5205716160fd00893f680fd95403c03192a32133d2fb67b3f4855457d25d2aa4951b043da788d4e32b5311f1e9ac41fc4a0387f300
SSDEEP
1536:J0F9qgWD7OXzJzg7N52HD8n2KyUo9JQviNXyA:2/5WD8zY2KFo9malyA
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource d6bc3dcb1df596905c412d90e33da02f_JaffaCakes118
Files
d6bc3dcb1df596905c412d90e33da02f_JaffaCakes118.exe windows:4 windows x86 arch:x86
2983870c815b5c3515d43c431fd33b66
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CharNextA
GetDC
GetSystemMetrics
GetParent
GetDesktopWindow
TranslateMessage
gdi32
CreateCompatibleDC
CreatePalette
RestoreDC
GetPixel
CreateSolidBrush
LineTo
DeleteObject
SetStretchBltMode
DeleteDC
SelectPalette
GetTextMetricsA
SaveDC
RectVisible
SetTextAlign
SelectObject
GetStockObject
GetClipBox
CreateFontIndirectA
SetTextColor
SetMapMode
kernel32
GetWindowsDirectoryA
VirtualAlloc
RemoveDirectoryA
GlobalFindAtomA
lstrcmpiA
GetModuleHandleA
VirtualFree
RemoveDirectoryW
FindClose
GetCommandLineA
lstrlenA
DeleteFileA
lstrlenW
CopyFileA
lstrcmpiW
lstrcmpA
QueryPerformanceCounter
glu32
gluNurbsCallback
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ