Static task: static1
Behavioral task: behavioral1
Sample: fc9e8562499d24325bc2c4b745051c83_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fc9e8562499d24325bc2c4b745051c83_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fc9e8562499d24325bc2c4b745051c83_JaffaCakes118
Size: 100KB
MD5: fc9e8562499d24325bc2c4b745051c83
SHA1: 411e5545c95bb9313a5e877fdf8c2fbb4a07acd8
SHA256: 904de7e6653be5b162c11d0135c25d13f5f62aa4651736c299c67b7f03955837
SHA512: 7ff042eb2d8d01ffdca59fda01726cee8432faf69766326d760950e8967eb3776a9e67cc7cda2c14cbfd41be23e9052cbe2ab734693f82254817c21ac33cc67f
SSDEEP: 3072:ijE+mPoXnEMIxzGNPM4rP1Y65/mC1S5a:IO8lNPo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fc9e8562499d24325bc2c4b745051c83_JaffaCakes118
Files
fc9e8562499d24325bc2c4b745051c83_JaffaCakes118.exe windows:4 windows x86 arch:x86
3ce0d1f5e2bf1a145c7b171bab508d82
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenW
GetCommandLineA
GetModuleHandleA
lstrcmpiW
GetSystemTime
lstrlenA
GetWindowsDirectoryA
GlobalFindAtomA
DeleteFileA
QueryPerformanceCounter
lstrcmpA
RemoveDirectoryA
CopyFileA
lstrcmpiA
RemoveDirectoryW
FindClose
VirtualAlloc
VirtualFree
user32
GetDC
GetDesktopWindow
CharNextA
GetSystemMetrics
GetParent
TranslateMessage
gdi32
LineTo
SetStretchBltMode
SelectPalette
SetMapMode
CreatePalette
RectVisible
GetTextMetricsA
GetClipBox
SetTextColor
DeleteObject
GetPixel
RestoreDC
CreateFontIndirectA
GetDeviceCaps
GetStockObject
SaveDC
CreateCompatibleDC
SelectObject
DeleteDC
glu32
gluNurbsCallback
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ