db8097fe9bf4d71380f88724f1778b22_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db8097fe9bf4d71380f88724f1778b22_JaffaCakes118
Size

149KB
MD5

db8097fe9bf4d71380f88724f1778b22
SHA1

a85a467c0d21e99fd05e6ef656d497e18f65d7c6
SHA256

5859fe6676c26a8c71ce64fbbe60223c441010ec86b74dc802a2fda271bca136
SHA512

752553da1745b4085f1e53137c54070799aab1bfd4a97fa0164e84e5bb410386e12ff31139b2badb3c02674cd8752838b09ab9e76d24ffaf5486a4aec9be84c0
SSDEEP

3072:bOWgOu7qVlyzsZmmm6yee4imVztecZpBySZa6eU2nW:bzuy8C/zeQzAcJq61r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db8097fe9bf4d71380f88724f1778b22_JaffaCakes118

Files

db8097fe9bf4d71380f88724f1778b22_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9fa16d2a06720179e3f70ee23c03af8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
GetParent
TranslateMessage
GetSystemMetrics
DispatchMessageA

kernel32

GetConsoleOutputCP
GetWindowsDirectoryA
GetCurrentThread
GetModuleHandleW
VirtualAlloc
GetACP
MulDiv
VirtualFree
GetCurrentProcess
GlobalFindAtomW
SetCurrentDirectoryA
lstrcmpiW

gdi32

GetTextMetricsA
SelectPalette
CreatePen
CreateSolidBrush
DeleteDC
RectVisible

glu32

gluTessCallback

comctl32

InitCommonControls

Sections

.text
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Ajneu El
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ