Static task: static1
Behavioral task: behavioral1
Sample: f9872f117b0862fa7c33aa6ff6f0f9c4_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: f9872f117b0862fa7c33aa6ff6f0f9c4_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: f9872f117b0862fa7c33aa6ff6f0f9c4_JaffaCakes118
Size: 109KB
MD5: f9872f117b0862fa7c33aa6ff6f0f9c4
SHA1: b499ba4485ecf00c1911c315c8edf94e1f9dbdd7
SHA256: 58bcfbb36e1d1b375398d1e2851234c19bf555b9786b8d4b66c6a7605d48441f
SHA512: d03cd29ec8d15fde0e7a15ddebe061ea20e182564b6959b8a7ce45b2377f0c31c0fcda42bdf91ff0eea354aa24678dcdbca30a46f864ac70f35c1e9a97184e10
SSDEEP: 1536:k6O0IT66yFGfP0CSDTubrGBsk2Gi5e6OyGXbglMUf5aijQE1aN3zscqC+k:hFGHJbhkiA7yGL3VNjscp+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f9872f117b0862fa7c33aa6ff6f0f9c4_JaffaCakes118
Files
f9872f117b0862fa7c33aa6ff6f0f9c4_JaffaCakes118.exe windows:5 windows x86 arch:x86
1fe3d4aa05756398aaf66b0eef782a9e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcmpiW
CopyFileA
RemoveDirectoryW
FindClose
GetWindowsDirectoryA
GetCommandLineA
GetModuleHandleA
RemoveDirectoryA
GlobalFindAtomA
GetSystemTime
lstrlenA
lstrcmpA
lstrcmpiA
QueryPerformanceCounter
lstrlenW
DeleteFileA
VirtualAlloc
VirtualFree
user32
GetParent
GetDesktopWindow
TranslateMessage
GetDC
GetSystemMetrics
CharNextA
gdi32
SelectPalette
GetPixel
GetStockObject
RestoreDC
GetTextMetricsA
SetTextColor
SetMapMode
CreateSolidBrush
LineTo
GetClipBox
DeleteDC
SetStretchBltMode
DeleteObject
SaveDC
CreateFontIndirectA
GetObjectA
SetTextAlign
CreatePalette
RectVisible
GetDeviceCaps
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 51KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ