Static task: static1
Behavioral task: behavioral1
Sample: ddc08fef78fd2b01410e89e8a3d084a3_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ddc08fef78fd2b01410e89e8a3d084a3_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ddc08fef78fd2b01410e89e8a3d084a3_JaffaCakes118
Size: 118KB
MD5: ddc08fef78fd2b01410e89e8a3d084a3
SHA1: 82bd9e1ad844cab5f3c9a8d56b4c853dba612fbc
SHA256: c26dae2eb2d8b43c95c15f48e8a33c3e64863b26bb2ad9386731bac8b3e898cb
SHA512: f6eeb55f2c0371e836ddf5f365dec21712813087da800123fe89ad2ee7801a3a8010f387ec7ae527ca7f25db9c62111376701ab93d8fce97658c75ca55110e70
SSDEEP: 3072:txYJpSP+BoJYsJO46Hk2PYXJ3kuZ0whsAn2L/l1:0uPJOVjYZ3rZYv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ddc08fef78fd2b01410e89e8a3d084a3_JaffaCakes118
Files
ddc08fef78fd2b01410e89e8a3d084a3_JaffaCakes118.exe windows:4 windows x86 arch:x86
4866c42570879774b3a37daafcf303ac
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTime
QueryPerformanceCounter
GetModuleHandleA
lstrcmpiW
GetWindowsDirectoryA
lstrlenA
DeleteFileA
CopyFileA
lstrcmpiA
lstrlenW
RemoveDirectoryA
lstrcmpA
RemoveDirectoryW
FindClose
GlobalFindAtomA
GetCommandLineA
VirtualAlloc
VirtualFree
user32
CharNextA
GetSystemMetrics
GetParent
TranslateMessage
GetDC
GetDesktopWindow
gdi32
GetStockObject
CreateCompatibleDC
CreateFontIndirectA
SelectObject
LineTo
DeleteDC
DeleteObject
SetTextColor
GetDeviceCaps
SetTextAlign
SaveDC
GetObjectA
CreateSolidBrush
SetStretchBltMode
SelectPalette
CreatePalette
RestoreDC
GetTextMetricsA
SetMapMode
RectVisible
GetClipBox
glu32
gluNurbsCallback
Sections
.text Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 55KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ