Static task: static1
Behavioral task: behavioral1
Sample: dac44150838a1c09ebf76bfd9c61bd69_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: dac44150838a1c09ebf76bfd9c61bd69_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: dac44150838a1c09ebf76bfd9c61bd69_JaffaCakes118
Size: 118KB
MD5: dac44150838a1c09ebf76bfd9c61bd69
SHA1: b9d6e7ea7a29faa6bcb12f509958c0b96acfdb05
SHA256: 5b20f27a5b3cf9333098d5db20941f4e2930bb917ca5432163a4e55f9a6e6efb
SHA512: cb036fe3910c4d27badb5131ca209bef0e52b214f892c1ac3ea75b8c0fd7997808319bbab70c4b3e27b1122b4cdbab5a2ce18b025a3257acdb9064e91b7e241b
SSDEEP: 3072:oSUvhv4S3ICAWWciI3W8rQTe49A3udCB:qwCIuWk31rQS41
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dac44150838a1c09ebf76bfd9c61bd69_JaffaCakes118
Files
dac44150838a1c09ebf76bfd9c61bd69_JaffaCakes118.exe windows:4 windows x86 arch:x86
6189aed24a01448854cb2e623a11a4fe
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileA
GlobalFindAtomA
GetWindowsDirectoryA
GetSystemTime
GetCommandLineA
lstrcmpA
lstrcmpiW
QueryPerformanceCounter
GetModuleHandleA
lstrlenW
lstrcmpiA
RemoveDirectoryA
CopyFileA
RemoveDirectoryW
FindClose
lstrlenA
VirtualAlloc
VirtualFree
gdi32
DeleteDC
GetDeviceCaps
GetObjectA
GetClipBox
SetTextAlign
CreatePalette
SaveDC
SetMapMode
CreateSolidBrush
SetStretchBltMode
CreateFontIndirectA
GetStockObject
SetTextColor
GetTextMetricsA
DeleteObject
LineTo
RestoreDC
SelectPalette
RectVisible
SelectObject
CreateCompatibleDC
user32
CharNextA
GetParent
TranslateMessage
GetDesktopWindow
GetSystemMetrics
GetDC
glu32
gluNurbsCallback
Sections
.text Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 57KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ