Static task: static1
Behavioral task: behavioral1
Sample: fe1493f36aeadee289d6384147be479a_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fe1493f36aeadee289d6384147be479a_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fe1493f36aeadee289d6384147be479a_JaffaCakes118
Size: 111KB
MD5: fe1493f36aeadee289d6384147be479a
SHA1: 1e65710a484f55776beff686574b382a32899ad6
SHA256: d89a379d0df2ececc72907f54c78784d064bbe57026b938a62f4baa385357af8
SHA512: a42f03151adb8d8c4b06a5e866ac1c29176bdeec84541b0077f1e01522a0818cf78bfefe98e9d9410fb1d8530ebb872b834f1198cd5053d244d8c2759cede222
SSDEEP: 3072:tDMSdgUuvnRp+Z8AtxwZB/J/p/6z5z/Sag:OsgRfR+8cu/kc
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: fe1493f36aeadee289d6384147be479a_JaffaCakes118
Files
fe1493f36aeadee289d6384147be479a_JaffaCakes118.exe windows:5 windows x86 arch:x86
bc3e8c366a4a3cb8143864d45203eaa3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
SetStretchBltMode
SetTextAlign
LineTo
GetDeviceCaps
SelectObject
RestoreDC
CreatePalette
GetPixel
GetTextMetricsA
RectVisible
SetMapMode
GetObjectA
DeleteDC
GetClipBox
DeleteObject
CreateFontIndirectA
GetStockObject
CreateSolidBrush
SaveDC
SetTextColor
user32
GetDesktopWindow
GetDC
GetSystemMetrics
CharNextA
GetParent
TranslateMessage
kernel32
RemoveDirectoryW
lstrlenW
FindClose
CopyFileA
RemoveDirectoryA
DeleteFileA
lstrcmpiA
lstrcmpiW
lstrlenA
GetModuleHandleA
lstrcmpA
GetCommandLineA
QueryPerformanceCounter
GlobalFindAtomA
GetSystemTime
GetWindowsDirectoryA
VirtualAlloc
VirtualFree
glu32
gluNurbsCallback
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ