fe12aaca6ac61a62144f6f1119ea93d9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe12aaca6ac61a62144f6f1119ea93d9_JaffaCakes118
Size

119KB
MD5

fe12aaca6ac61a62144f6f1119ea93d9
SHA1

b8cbe951b1aff5b55f80272dbcaa681fa2d827ed
SHA256

f2bc78bf119ec9703f1d509906c872182ca395a082912606dbee617991a6496c
SHA512

b1e6a5178bc5d4725d054c157fb90f714c541491c04321befa3ab1ccf833b1411ba5ab0796d27c405038ec8bfa1f52444513cfd48a82e5cceacb65786c0f12b4
SSDEEP

3072:xO9PsaDxmA5/CD6cDoJDjVsgSA5v33HCoP3g82qn:Q9PBDn5hDSIv3SAg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe12aaca6ac61a62144f6f1119ea93d9_JaffaCakes118

Files

fe12aaca6ac61a62144f6f1119ea93d9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6a9c4e7652f948acb38b79861700fda6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
RemoveDirectoryA
GetWindowsDirectoryA
QueryPerformanceCounter
lstrlenA
lstrcmpA
lstrlenW
CopyFileA
RemoveDirectoryW
DeleteFileA
FindClose
GlobalFindAtomA
GetCommandLineA
lstrcmpiA
GetSystemTime
GetModuleHandleA
VirtualAlloc
VirtualFree

gdi32

SetStretchBltMode
SetMapMode
CreatePalette
DeleteObject
CreateSolidBrush
GetPixel
LineTo
RectVisible
GetObjectA
GetTextMetricsA
GetClipBox
SetTextColor
RestoreDC
SetTextAlign
SelectObject
SelectPalette
DeleteDC

user32

CharNextA
GetSystemMetrics
GetDesktopWindow
TranslateMessage
GetDC
GetParent

glu32

gluNurbsCallback

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ibfgobn
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE