fb71b94a39701fd17b335bb1c27a4196_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb71b94a39701fd17b335bb1c27a4196_JaffaCakes118
Size

2.8MB
MD5

fb71b94a39701fd17b335bb1c27a4196
SHA1

098c5d96199c953c309ea59ea2dd7478ad9839a5
SHA256

c9679c2fcf867203029f6fefdffbc300797b27370d759edc85825ffdeb7b3666
SHA512

1370ed0d61428bee6ed96a2e600e254cf39720936162b4bd856dc85d09a48e394fd3f4a5ae9987d2ccd2602cfa49710c65d457c1dcd5a2d1a2985a7ab0b0a19c
SSDEEP

49152:h0oDs4tDAZigtZf4AQd6xsAH485Rfvz/CLldTnFCwvYXW7A1Ue/wFXiZ:hRs4ifnQzAJjfvTwlRnFwW7itZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb71b94a39701fd17b335bb1c27a4196_JaffaCakes118

Files

fb71b94a39701fd17b335bb1c27a4196_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f4391814b28bdf3a59e8c63c900b6224

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawEnumerateExA
DirectDrawCreateEx

winmm

timeGetTime

dinput

DirectInputCreateEx

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

dsound

ord1

gdi32

SetTextColor
BitBlt
SelectObject
DeleteDC
DeleteObject
GetObjectA
CreateCompatibleDC
GetTextExtentPoint32A
GetTextMetricsA
CreateFontA
Polyline
CreatePen
SetMapMode
CreateSolidBrush
RemoveFontResourceA
Polygon
SetMapperFlags
AddFontResourceA
GetDeviceCaps
RoundRect
StretchBlt
SetBkColor
GetStockObject
SetTextAlign
CreateCompatibleBitmap
SetStretchBltMode
GetDIBits
GetTextAlign
Rectangle
SetBkMode
TextOutA

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 432KB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ