Static task: static1
Behavioral task: behavioral1
Sample: fdd0cb6b7d410a95e768b209888b06b4_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fdd0cb6b7d410a95e768b209888b06b4_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fdd0cb6b7d410a95e768b209888b06b4_JaffaCakes118
Size: 184KB
MD5: fdd0cb6b7d410a95e768b209888b06b4
SHA1: 00010444dcd8a529927f05111678136dc0a14c56
SHA256: ef0b922980e01435c3aecaf65e3fa74e7c01b63a44a3518a08be4b76485bcf9f
SHA512: bb40b17ad8ac483ef5cc17ae8e118f30a8fdf815e8b41b2d73f83397313e4730a1a01ddfa9751dc0cf3126ef2210c1815682585e3a05a43b5c8b8f2c1637e567
SSDEEP: 3072:35Ovbgme+fjfaDoG0i7GNX1APkT763ZO843O2PSAniBOMcNY/Pg6:4gmRfjCDBli1/Y43cAniUpUo6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fdd0cb6b7d410a95e768b209888b06b4_JaffaCakes118
Files
fdd0cb6b7d410a95e768b209888b06b4_JaffaCakes118.exe windows:5 windows x86 arch:x86
d0a7f2ccd634af4b8f71ee21e23e0dcc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetDC
GetSystemMetrics
GetParent
CharNextA
TranslateMessage
GetDesktopWindow
kernel32
RemoveDirectoryA
lstrcmpiW
lstrcmpiA
GlobalFindAtomA
GetSystemTime
GetCommandLineA
lstrlenW
CopyFileA
lstrcmpA
GetModuleHandleA
lstrlenA
RemoveDirectoryW
FindClose
DeleteFileA
QueryPerformanceCounter
GetWindowsDirectoryA
VirtualAlloc
VirtualFree
gdi32
RestoreDC
DeleteDC
CreatePalette
CreateCompatibleDC
CreateFontIndirectA
SaveDC
CreateSolidBrush
GetTextMetricsA
GetObjectA
DeleteObject
GetStockObject
SelectObject
GetClipBox
SetStretchBltMode
GetPixel
SetTextAlign
RectVisible
SetMapMode
GetDeviceCaps
SelectPalette
LineTo
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ