Static task
static1
Behavioral task
behavioral1
Sample
09e1104173eb24cd309009127203cbe0_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
09e1104173eb24cd309009127203cbe0_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
09e1104173eb24cd309009127203cbe0_JaffaCakes118
Size
110KB
MD5
09e1104173eb24cd309009127203cbe0
SHA1
11f76a1ad3f910e92a734298f075d39768d5700a
SHA256
6e13aff0b5fc5d725ef0795fa93ec75708bc180c8628df03e4e9e9eec652429c
SHA512
3f061955539c6ec1ca6ffa69ad125696bffa6d9f4d8d3ad5f0822f5cda21af4f8ae9e08525837b04b4766de5b03b8b9fdfac23758241784ed47b65838809706b
SSDEEP
1536:mTmrDRSsNuaInMlU0sta/0RERODDw9dAcjF0Q7mxd2e1MIfd2EQYMOw53iMEvduN:GM1SsN/ID0sg/0Rf8ba2/OwnP25JB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 09e1104173eb24cd309009127203cbe0_JaffaCakes118
Files
09e1104173eb24cd309009127203cbe0_JaffaCakes118.exe windows:4 windows x86 arch:x86
b015243f60ffbe7858d7b2500bf291f7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcmpiW
GetWindowsDirectoryA
CopyFileA
lstrlenA
lstrlenW
GetCommandLineA
QueryPerformanceCounter
RemoveDirectoryW
RemoveDirectoryA
FindClose
GlobalFindAtomA
GetModuleHandleA
GetSystemTime
VirtualAlloc
lstrcmpA
DeleteFileA
lstrcmpiA
VirtualFree
gdi32
CreatePalette
CreateFontIndirectA
CreateSolidBrush
RectVisible
SetStretchBltMode
GetDeviceCaps
SetMapMode
DeleteDC
SelectObject
GetPixel
SelectPalette
GetStockObject
LineTo
GetTextMetricsA
GetObjectA
SetTextColor
GetClipBox
RestoreDC
DeleteObject
SaveDC
SetTextAlign
user32
TranslateMessage
GetSystemMetrics
GetParent
GetDC
GetDesktopWindow
CharNextA
glu32
gluNurbsCallback
Sections
.text Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ