Static task
static1
Behavioral task
behavioral1
Sample
f6dd7f5dcfb8d9c72c5d793b4f9a1e00_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f6dd7f5dcfb8d9c72c5d793b4f9a1e00_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
f6dd7f5dcfb8d9c72c5d793b4f9a1e00_JaffaCakes118
Size
119KB
MD5
f6dd7f5dcfb8d9c72c5d793b4f9a1e00
SHA1
749d4a83a513c4ab93c51c4851eef06c2189416e
SHA256
d4ea377ac0499509c797d473cd3c720ba153dc7b38c8b5701b2d3fb696cafd12
SHA512
b39af94c8bacf8b7e6967faad2a56bdad4d171fd4b710d6e9081ef594920da7c97b695f37f5567fe03245484e4d5c8ccff2d5646648ee0340aaf486aa2352cd7
SSDEEP
3072:aiZ7DsNPwX+cJ3GNG1JtiYjuI4Kuog9J88gDge:d9D0PtczYF01
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f6dd7f5dcfb8d9c72c5d793b4f9a1e00_JaffaCakes118
Files
f6dd7f5dcfb8d9c72c5d793b4f9a1e00_JaffaCakes118.exe windows:4 windows x86 arch:x86
b62750b8864bbc28b26f1cc7f9541b86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
SetTextColor
CreateFontIndirectA
SetMapMode
SelectObject
LineTo
CreateCompatibleDC
CreatePalette
DeleteDC
GetPixel
RectVisible
GetDeviceCaps
GetTextMetricsA
RestoreDC
GetClipBox
GetStockObject
SaveDC
GetObjectA
DeleteObject
SetTextAlign
SelectPalette
kernel32
lstrcmpiW
GetCommandLineA
DeleteFileA
lstrcmpiA
CopyFileA
RemoveDirectoryA
GetSystemTime
GlobalFindAtomA
GetModuleHandleA
lstrlenA
VirtualAlloc
QueryPerformanceCounter
lstrcmpA
VirtualFree
RemoveDirectoryW
FindClose
lstrlenW
GetWindowsDirectoryA
user32
GetParent
GetDC
GetDesktopWindow
CharNextA
TranslateMessage
GetSystemMetrics
glu32
gluNurbsCallback
Sections
.text Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ