dae202dac2786d5fd3879a698df0f728_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dae202dac2786d5fd3879a698df0f728_JaffaCakes118
Size

109KB
MD5

dae202dac2786d5fd3879a698df0f728
SHA1

8f074bdd5d03ff6053f73ed03bf37eedb37a84b0
SHA256

c0477884ee1fe39cacdfc7c076f8b7e02430301a202eebdfdf58e6dcdff60ebc
SHA512

8aee55091ab0ad123e073821272d3082a0cca78cb489d7b28482e8ac6fd24b4384d8e5750e184bea14b20e8dc30ef048c993addebe4f857c3abe94845237c167
SSDEEP

1536:CR9FMfv8dLGcYj3JKGQaKDttYyWcdDfLk6NnQ+6ZQrxYwR8Vvp5JZp5JZGWm2GWd:U90cGkGQH5iy/Y6nQnZQz+zGr2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dae202dac2786d5fd3879a698df0f728_JaffaCakes118

Files

dae202dac2786d5fd3879a698df0f728_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6a5c342660936e8294de2074e416b66e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
RemoveDirectoryA
lstrcmpA
DeleteFileA
lstrcmpiW
QueryPerformanceCounter
GetCommandLineA
CopyFileA
GetModuleHandleA
GlobalFindAtomA
lstrlenW
RemoveDirectoryW
FindClose
lstrcmpiA
GetSystemTime
lstrlenA
VirtualAlloc
VirtualFree

user32

TranslateMessage
GetSystemMetrics
GetParent
GetDC
GetDesktopWindow
CharNextA

gdi32

CreateFontIndirectA
SetStretchBltMode
GetStockObject
CreateSolidBrush
SetMapMode
SaveDC
SelectPalette
RestoreDC
CreatePalette
SetTextColor
SelectObject
LineTo
DeleteObject
CreateCompatibleDC
RectVisible
GetClipBox
GetObjectA
DeleteDC
SetTextAlign
GetPixel
GetDeviceCaps

glu32

gluNurbsCallback

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ytubkzc
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE