Static task
static1
Behavioral task
behavioral1
Sample
fab1c60e2eca973e3d9454fc85042c41_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fab1c60e2eca973e3d9454fc85042c41_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: fab1c60e2eca973e3d9454fc85042c41_JaffaCakes118
Size: 117KB
MD5: fab1c60e2eca973e3d9454fc85042c41
SHA1: 769b03e0aa0c7dbf252815915a55ee2c76f39060
SHA256: 41e67b5ead87f27cabda42dd0f7c7c31b4e4757969e421fad3bb7581aad9a43c
SHA512: 54425bdd98b7e08ea2f61e9397704cfdd70caa32fb768bbf23ce043d5593ab4855db0dd211abd89824d9bf4eb0615ae1b9e5cc8643cd9dc9bc4e7bede7978732
SSDEEP: 3072:4q5x5EpGMkxncDftMwMQH7HfSIUe1ZJe:Lx5mkizGwMQbHfHbJ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fab1c60e2eca973e3d9454fc85042c41_JaffaCakes118
Files
fab1c60e2eca973e3d9454fc85042c41_JaffaCakes118.exe windows:4 windows x86 arch:x86
e5cbc40e8e29f73a7a7819427bb39f46
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTime
CopyFileA
lstrcmpiA
lstrcmpA
RemoveDirectoryA
lstrcmpiW
GetWindowsDirectoryA
GlobalFindAtomA
lstrlenA
RemoveDirectoryW
FindClose
DeleteFileA
lstrlenW
QueryPerformanceCounter
VirtualAlloc
VirtualFree
GetCommandLineA
GetModuleHandleA
user32
TranslateMessage
GetSystemMetrics
GetDC
CharNextA
GetDesktopWindow
GetParent
gdi32
GetDeviceCaps
GetTextMetricsA
RestoreDC
SetTextColor
SetMapMode
DeleteDC
DeleteObject
SetStretchBltMode
GetClipBox
SelectObject
SaveDC
GetPixel
CreateSolidBrush
SetTextAlign
GetStockObject
SelectPalette
CreatePalette
RectVisible
LineTo
glu32
gluNurbsCallback
Sections
.text Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 57KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ