Static task
static1
Behavioral task
behavioral1
Sample
e07877fb56ce68519da7eba44b13bcba_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e07877fb56ce68519da7eba44b13bcba_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
e07877fb56ce68519da7eba44b13bcba_JaffaCakes118
Size
107KB
MD5
e07877fb56ce68519da7eba44b13bcba
SHA1
ebd3ef407a66858cf8cf05dc6c11fd7003ed51e7
SHA256
15d610c2155c621715c11bf66e67c5aef1c76b1e5c35858800ca5276731d8337
SHA512
965806535a728fa119d0da18eb6491c6274fd2ca5a03b493dda5ba9f8806f1fb9728154e7e3c6dd09e434851740ff27dc8123f065db7453dfc80375e67120322
SSDEEP
1536:5z5XpvjfQIDmWFcWmN355XBx37c28BSKuxCU6ohLi48cX26rLtB:95GIDmWCW4Rx37cNuj6oJ26rLtB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e07877fb56ce68519da7eba44b13bcba_JaffaCakes118
Files
e07877fb56ce68519da7eba44b13bcba_JaffaCakes118.exe windows:4 windows x86 arch:x86
c321987098c1d9839287b53048afaee7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
DeleteDC
GetPixel
RestoreDC
LineTo
GetObjectA
CreateFontIndirectA
GetTextMetricsA
SaveDC
GetClipBox
CreatePalette
SetMapMode
GetDeviceCaps
SetTextAlign
DeleteObject
CreateCompatibleDC
GetStockObject
user32
GetParent
GetDesktopWindow
CharNextA
TranslateMessage
GetSystemMetrics
GetDC
kernel32
lstrlenA
lstrcmpiA
DeleteFileA
lstrlenW
lstrcmpA
CopyFileA
GetCommandLineA
GetSystemTime
RemoveDirectoryW
FindClose
RemoveDirectoryA
lstrcmpiW
GlobalFindAtomA
GetModuleHandleA
VirtualAlloc
VirtualFree
QueryPerformanceCounter
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ