fcd08a6804030c731c546d7996919ee9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fcd08a6804030c731c546d7996919ee9_JaffaCakes118
Size

110KB
MD5

fcd08a6804030c731c546d7996919ee9
SHA1

592f4c629af9ce0184a1f0bae7471690b5bd5962
SHA256

da9ee21e3f0a7dbcdd50161377f6e1be424bec7f825bd6895462cb6d50815520
SHA512

954322849c24a1699f6a7309f120981ead77d69ada2e0c96c2d36108e8ca3d49bfbb75d9db187c500f0597f6193f75b18b42cc86c316e308ab98b3fadf7dae9f
SSDEEP

1536:iUIBokFT8FQNp0ShALZMsmoLNLQOe9Kdho3911dE7tj:pIBnNb0R/lkOdE3911d6l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcd08a6804030c731c546d7996919ee9_JaffaCakes118

Files

fcd08a6804030c731c546d7996919ee9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

df712b97de1fe44babaf8b50fe8fc4a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
GetDesktopWindow
GetDC
CharNextA
GetSystemMetrics
TranslateMessage

gdi32

CreateCompatibleDC
SetTextAlign
SelectObject
GetClipBox
DeleteObject
SetStretchBltMode
GetObjectA
GetPixel
CreateFontIndirectA
RestoreDC
CreatePalette
SetMapMode
GetStockObject
LineTo
GetTextMetricsA
DeleteDC
CreateSolidBrush
SetTextColor
GetDeviceCaps
RectVisible
SaveDC

kernel32

GetCommandLineA
QueryPerformanceCounter
lstrcmpiA
lstrlenA
lstrcmpiW
CopyFileA
lstrcmpA
lstrlenW
DeleteFileA
GetSystemTime
GetWindowsDirectoryA
GlobalFindAtomA
GetModuleHandleA
RemoveDirectoryA
VirtualAlloc
VirtualFree
RemoveDirectoryW
FindClose

glu32

gluNurbsCallback

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ