Static task
static1
Behavioral task
behavioral1
Sample
0b9baebe5476e6cbb57f5978666d071e_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0b9baebe5476e6cbb57f5978666d071e_JaffaCakes118.exe
Resource
win10v2004-20240910-en
General
Target
0b9baebe5476e6cbb57f5978666d071e_JaffaCakes118
Size
59KB
MD5
0b9baebe5476e6cbb57f5978666d071e
SHA1
f0505bf8d7564bb915e1e626256b4ddb64f0158d
SHA256
b87ed8a0471fdd2e82d6a63f1d17081e675f45860dd836bdf0c7340da3368792
SHA512
5a5a16c27ca26342b9498d2e88b9373a2691ed72e7a63238f2ba3fe16e6aa39fa4c66c0e79a4d2a1dd65323b5b7a937a6688058ffe883e27242f77f79d4170fa
SSDEEP
768:RDm0zeMU08si7UhIuK/I0LbvtgrXq92mxlN2sZhLawmdkAfVyewszczOyXjpzkdI:pLUL5JLJIXq9VvTSTV7c6yX1zkjd8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0b9baebe5476e6cbb57f5978666d071e_JaffaCakes118
Files
0b9baebe5476e6cbb57f5978666d071e_JaffaCakes118.exe windows:5 windows x86 arch:x86
aa9b17a98dcf70ab4579240162b2893a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetParent
GetDC
CharNextA
GetDesktopWindow
GetSystemMetrics
TranslateMessage
kernel32
GetSystemTime
GlobalFindAtomA
GetCommandLineA
GetWindowsDirectoryA
CopyFileA
GetModuleHandleA
lstrlenW
lstrcmpiA
RemoveDirectoryW
QueryPerformanceCounter
FindClose
lstrcmpiW
RemoveDirectoryA
DeleteFileA
VirtualAlloc
VirtualFree
gdi32
SaveDC
RectVisible
CreateFontIndirectA
DeleteObject
SetTextAlign
CreateCompatibleDC
GetPixel
LineTo
GetTextMetricsA
SetStretchBltMode
CreateSolidBrush
GetDeviceCaps
SetMapMode
SetTextColor
GetObjectA
SelectObject
RestoreDC
CreatePalette
SelectPalette
GetClipBox
glu32
gluNurbsCallback
Sections
.text Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ