Static task
static1
Behavioral task
behavioral1
Sample
ffdecdbbb4e281094bc4862b706edae8_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ffdecdbbb4e281094bc4862b706edae8_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
ffdecdbbb4e281094bc4862b706edae8_JaffaCakes118
Size
188KB
MD5
ffdecdbbb4e281094bc4862b706edae8
SHA1
88a6111cc7b35fb024b81a87286ecabc6f296efa
SHA256
2db223c18f4f18e425d287609c73abe47dc1ec884bfb3a65621568ab0320f265
SHA512
ce68f729833a240c55833e0dad4e07305f1528dac217113c5f0106efce6a0106d7a6d4d88881721c2125280995b073d9a87827e8523ffd1e3a1bf911d536078c
SSDEEP
3072:fIOH5TM/d3/mtREb1z8O32FTgyLF9qGMQAK05VoX08qBPb2q3Pw+:flHyQKb1z8O38p5X0R//
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ffdecdbbb4e281094bc4862b706edae8_JaffaCakes118
Files
ffdecdbbb4e281094bc4862b706edae8_JaffaCakes118.exe windows:4 windows x86 arch:x86
a3b03110e49e62ac6b023a0a556f568e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
SelectPalette
SetStretchBltMode
CreateFontIndirectA
SetTextColor
RectVisible
SaveDC
GetClipBox
CreateCompatibleDC
LineTo
GetStockObject
RestoreDC
CreateSolidBrush
GetObjectA
DeleteDC
DeleteObject
SetMapMode
GetTextMetricsA
CreatePalette
SelectObject
GetPixel
GetDeviceCaps
SetTextAlign
user32
GetDesktopWindow
CharNextA
TranslateMessage
GetDC
GetParent
GetSystemMetrics
kernel32
CopyFileA
lstrcmpiA
GetSystemTime
DeleteFileA
QueryPerformanceCounter
lstrlenW
GetModuleHandleA
VirtualAlloc
GetWindowsDirectoryA
lstrcmpiW
GetCommandLineA
lstrcmpA
VirtualFree
GlobalFindAtomA
RemoveDirectoryA
lstrlenA
RemoveDirectoryW
FindClose
glu32
gluNurbsCallback
Sections
.text Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ