d998986332731cbea24c2df01b171313_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d998986332731cbea24c2df01b171313_JaffaCakes118
Size

113KB
MD5

d998986332731cbea24c2df01b171313
SHA1

3d7d985d07e6f5d5a3066c198d408194cba77ab9
SHA256

17cd25e6bdb8fcf22b43eec8a6d3b5902be133dca0e814d8cb94d01a7e699122
SHA512

78f81d562291f1bed0bfda6974739ae7093b964da9bc93a8bfd0ea241cf7eeebd2d6b7d61853c2862e689418daa8866c27a1b6050e7e5bd6b97b8d265e4397e0
SSDEEP

1536:2eCJG4+1pGp5PebGa3NwBe6Z+fmZohxMFDur1Qt4vt3gEMuS/1hs+k3iEEifJjpi:SWIc3N4+eZCxMFuRSm3yuKh29paEqt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d998986332731cbea24c2df01b171313_JaffaCakes118

Files

d998986332731cbea24c2df01b171313_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dfdadb0f407d853c611341ca4fdfa360

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
lstrcmpiA
RemoveDirectoryA
lstrlenA
GlobalFindAtomA
VirtualAlloc
QueryPerformanceCounter
CopyFileA
GetWindowsDirectoryA
VirtualFree
GetCommandLineA
RemoveDirectoryW
FindClose
GetModuleHandleA
lstrlenW
DeleteFileA
GetSystemTime
lstrcmpiW

user32

GetParent
TranslateMessage
GetDesktopWindow
GetSystemMetrics
GetDC
CharNextA

gdi32

SelectObject
RestoreDC
SetStretchBltMode
SetMapMode
CreatePalette
SetTextAlign
DeleteObject
RectVisible
GetClipBox
SaveDC
GetTextMetricsA
DeleteDC
SetTextColor
GetStockObject
LineTo
SelectPalette
GetDeviceCaps
CreateSolidBrush
CreateCompatibleDC
GetObjectA
CreateFontIndirectA
GetPixel

glu32

gluNurbsCallback

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ