09388f534fadacbba4ec6ea3cedfc7d3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09388f534fadacbba4ec6ea3cedfc7d3_JaffaCakes118
Size

112KB
MD5

09388f534fadacbba4ec6ea3cedfc7d3
SHA1

05d9feddd4fd0c64f808e141a3cbd57e9181fd27
SHA256

c3db09073375aea855abc3c78f491e7b53c58bc21970cefe4ba88368480f2855
SHA512

f3d2c1fd87480c486888b9c3542473ffd7961581974bbd980f71210583652794424b04f1658b8c14eb81abad4133e0cb47d0559ddf0eabae868d92c5972c6864
SSDEEP

3072:MgFaZc0lsSEpPORkXvRkym+sWKRswJNd3CWMgX:MsaZcVdwWvXUjxPj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09388f534fadacbba4ec6ea3cedfc7d3_JaffaCakes118

Files

09388f534fadacbba4ec6ea3cedfc7d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ab9f1769a274a9edb36ed64337bc34f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
CopyFileA
lstrcmpA
GetWindowsDirectoryA
lstrcmpiA
lstrlenW
lstrcmpiW
lstrlenA
RemoveDirectoryA
RemoveDirectoryW
DeleteFileA
FindClose
GetCommandLineA
GetModuleHandleA
VirtualAlloc
GetSystemTime
VirtualFree

gdi32

RestoreDC
GetObjectA
CreatePalette
SetMapMode
SetStretchBltMode
GetStockObject
CreateFontIndirectA
SetTextColor
SaveDC
SelectObject
SetTextAlign
GetDeviceCaps
CreateSolidBrush
CreateCompatibleDC
GetTextMetricsA
GetPixel
LineTo
RectVisible
SelectPalette
DeleteObject
DeleteDC
GetClipBox

user32

CharNextA
GetSystemMetrics
GetDesktopWindow
TranslateMessage
GetDC
GetParent

glu32

gluNurbsCallback

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zndwoye
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE